Encryption using passlib.hash - sha256_crypt.encrypt and decryption - python-2.7

I am taking password inputs from user and planning to use passlib.hash library for encrypting the password .
I am able to encrypt the password successfully and their documentation states about the verify function usage, however I want to find out the original password entered , Is it possible ?
For example :
User entered a password : abcd
Password encrypted using passlib to a variable hash
How to decrypt the password hash and get value abcd ?
See the sample code below :
print "Enter a password "
passw = raw_input()
print "password entered is ", passw
hash = sha256_crypt.encrypt(passw)
retrivepass=?
Is it possible to retrive the original password ? If not what is the best alternative ?
Thanks in advance

Is it possible to retrieve the original password?
No. The purpose of a password hashing function is to make it possible for you to authenticate users without actually storing their passwords.
Hashing functions are one-way, so given the output, you cannot infer what the input was. Think of it like adding two numbers together. You know that 2 + 2 = 4, but given 4, you can't figure out that the two numbers that were added together were 2 and 2.
If not what is the best alternative?
You most likely don't need encryption. You need a good password hashing function, like Bcrypt or PBKDF2.

Store the hash then when the user would like access:
valid = False
while not valid:
passw = raw_input("Enter your password")
valid = sha256_crypt.verify(passw, hash)

Hashing is the process of encrypting standard blocks of data, which often results in the same length of output, with even infinitely long input. SHA256 encodes input data into 256 bits of output data.
You can always hash the password and store it. But the password cannot be retrieved back. The ideal way is to get the password again, hash it, and compare it with the stored hashed value.

Related

How to simplify phone_number field update Process in django including verification

Problem Description:
We have a User model where Phone number is been set as username and its unique=True,
We also have a field where to represent verified/unverified users. And we verify users by OTP verification to phone number. So now we need to add a new feature where user can replace his phone_number and then he will go to verification process and then we will change his number.
And also We need to preserve his previous number (which he already verified) until this new number is verified.
If for some reason user decides to go back without verification we delete newly added number and keeps his old number as username.
So what would be the best way to approach this problem
What I'm considering to have another Model linked with ForeignKey to User
class AlternativeNumber(models.Model):
user = User() # forignkey
number = Charfield
is_verfied = BooleanField
So we will be verifying users number and replacing his original number from his alternativenumber_set
Do you think we can simply it more. Do you think it might have some flaws or we go with a better appraoch ? thanks.
In my opinion you can add two new fields to the User class
alternative_number = CharField
is_aletrnative_verfied = BooleanField
which is really similar to your approach, but it is simpler because all the data is in one table. if a user did not verify his number then you can create a cron job that checks if the is_aletrnative_verfied and if it was false then delete whatever value is in the alternative_number just for the data to be consistent.
Hope you find this helpful!

Email as the primary key for customer orders in DynamoDB?

I have a order I want to store in DynamoDB, with the following fields:
Order date: 2019-03-27 02:09pm
First Name: John
Last Name: Doe
Email: john#example.com
Phone: 555-11434
Address: 13 Lorong K Changi, Sunny Shores
City: Singapore
Zip: 654321
Country: Singapore
Status: new, confirmed, delivered
(There is no unique order identifier decreed)
At first I combined First&Last name "John Doe" as the partition key and put order date as the sort key. That worked quite well until:
I figured I can't query the partition key (name of customer). I want to be able to look up customer orders, by customer!
Secondly URLs addressing the order would look like: https://example.com/2019-03-27/John%20Doe... i.e. the space does cause some confusion. Is there a more efficient way to encode the name?
I am most keen on email address, but from researching that, it seems like email is a bad field to use.
The access patterns are pretty simple. Need a way to:
Look up an order
Search by customer (could be name, could be email)
Query by order status
I tried making a composite key with order status and order date, but that has not gone well: Replace an old item with a new item in DynamoDB
Most people in this scenario generate a UUID for the user, and make that the partition key.
If you use an email address as the partition key, it means your user cannot ever change their email address, at least not without some creative coding on your part.
It might be valid to use an email address in your case, for example if a user can never change email address. In that case you should just be able to URL encode the email address on your client. However if you want to avoid that altogether, you could accept the parameter in a Base64 encoded format, and decode it before use with DynamoDB.
If you decide to generate UUIDs and make these your partition keys, you would probably then create GSIs with partition keys of email address and order state. You can use these GSIs to access your data quickly with your specified access patterns.

Email Validation to avoid duplicate entry within two items Apex

I am having two items:
P1_email
p2_emails
Here I want to validate the email ids, the same email ids should not enter with these items.
If I enter same email id in both items, it should raise an error:
its not possible to enter the same email id in both place.
The simplest option is to create validation on P2_EMAILS item. Choose PL/SQL Function (returning error text). Code to be used:
if :P1_EMAIL = :P2_EMAILS then
return ('It is not possible to enter the same email ID in both places');
end if;
Note that this won't handle invalid e-mail addresses (such as "little#foot#gmail#com"), NULLs etc. - as I said, it is the simplest way to do what you asked.

Validate Email Or Number in Regex

I have a sign in form where userid is email id of users or unique id given by us i.e in integer.
So i want regex for that text box to validate email or Id.
Means.
if someone enters
abc#abc.com
or
1024
then it is valid
and if someone is entering anything other than email or integer than it should show as invalid.
Thanks...
^(?:[\w.]+#[\w.]+|\d+)$
You can try this.Though Your requirements are not very clear.See demo.
http://regex101.com/r/zU7dA5/4

Username and password using expect in python

write a piece of code that ask the user to set a password
- queries the user for his/her user name
- queries the user for his/her password twice, making sure the user enters the same password twice
- Allow Only 3 attempts to get a correct password
the rules for the password are
- at least one number
- at least one lower cap letter
- at least one upper cap letter
- allowed characters: numbers, letters, "_", "-" and "."
The above task should be done using expect concept. Since am new to python language can anyone help me in solving this task.
import pexpect
child = pexpect.spawn('ftp ftp.openbsd.org')
child.expect('Name .*: ')
child.sendline('anonymous')
child.expect('Password:')
I have tried till thid and donn't know how to proceed.
How about
child.sendline(raw_input('Password:'))
It prints Password: and asks the user for the password.