def getUser(self, username, password):
# Query met parameters
sqlQuery = "SELECT pwd_hash, pwd_salt FROM tbl_users WHERE username = '{param1}'"
# Combineren van de query en parameter
sqlCommand = sqlQuery.format(param1=username)
self.__cursor.execute(sqlCommand)
result = self.__cursor.fetchone()
if not result:
return False
db_hash_string = result[0]
db_salt_string = result[1]
pwd_bytes = password
db_salt_bytes = binascii.unhexlify(db_salt_string)
hash_bytes = hashlib.pbkdf2_hmac('sha256', pwd_bytes, db_salt_bytes, 100000)
hash_string = binascii.hexlify(hash_bytes).decode('utf-8')
self.__cursor.close()
return hash_string == db_hash_string
评论列表
文章目录
