Closed michaelkariv closed 8 years ago
class RegisterHandler(BaseHandler): # ... def post(self): # ... # Password to SHA512 password = utils.hashing(password, self.app.config.get('salt')) # ... user = self.auth.store.user_model.create_user( auth_id, unique_properties, password_raw=password, username=username, name=name, last_name=last_name, email=email, ip=self.request.remote_addr, country=country, tz=tz )
Why do we need hashing the password (using utils.hashing) if it is getting hashed again by webapp2_extras.appengine.auth.models.User.create_user ?
utils.hashing
webapp2_extras.appengine.auth.models.User.create_user
manage your own hashing algorithm allows you to add another level of security. Always a Security Algorithm can fail
Why do we need hashing the password (using
utils.hashing
) if it is getting hashed again bywebapp2_extras.appengine.auth.models.User.create_user
?