Welcome to the Treehouse Community

Want to collaborate on code errors? Have bugs you need feedback on? Looking for an extra set of eyes on your latest project? Get support with fellow developers, designers, and programmers of all backgrounds and skill levels here with the Treehouse Community! While you're at it, check out some resources Treehouse students have shared here.

Looking to learn something new?

Treehouse offers a seven day free trial for new students. Get access to thousands of hours of content and join thousands of Treehouse students and alumni in the community today.

Start your free trial

Python Flask REST API API Protection Password hashing

Posted by Christina Braden
Christina Braden
11,644 Points

Great! Now, add a staticmethod to User that returns a hashed password. Name it hash_password and have it take a single a

Not sure what is wrong with my code, or maybe I'm not understanding the question. Flask REST API password hashing challenge challenge 2 of 3. https://teamtreehouse.com/library/flask-rest-api/api-protection/password-hashing

Great! Now, add a staticmethod to User that returns a hashed password. Name it hash_password and have it take a single argument, the password to hash. Hash the password using HASHER's 'hash' method and return it.

models.py 
import datetime

from peewee import *

from argon2 import PasswordHasher
from itsdangerous import (TimedJSONWebSignatureSerializer as Serializer,
                          BadSignature, SignatureExpired)

DATABASE = SqliteDatabase('recipes.db')

HASHER = PasswordHasher()


class User(Model):
    username = CharField(unique=True)
    password = CharField()


    class Meta:
        database = DATABASE

    @classmethod
    def create_user(cls, username, password):
        try:
            cls.get(cls.username**username)
        except cls.DoesNotExist:
            user = cls(username=username)
            # TODO: hash user password here?
            user.password = user.set_password(password)
            user.save()
            return user
        else:
            raise Exception("User already exists") 

    @staticmethod
    def set_password(password):
        return Hasher.hash(password)

    def verify_passowrd(self, password):
        return Hasher.verify(self.password, password)


class Recipe(Model):
    name = CharField()
    created_at = DateTimeField(default=datetime.datetime.now)

    class Meta:
        database = DATABASE


class Ingredient(Model):
    name = CharField()
    description = CharField()
    quantity = DecimalField()
    measurement_type = CharField()
    recipe = ForeignKeyField(Recipe)

    class Meta:
        database = DATABASE


def initialize():
    DATABASE.connect()
    DATABASE.create_tables([User, Recipe, Ingredient], safe=True)
    DATABASE.close()

1 Answer

Chris Freeman
MOD
Chris Freeman
Treehouse Moderator 68,441 Points
Chris Freeman
Chris Freeman
Treehouse Moderator 68,441 Points

Two specific issues:

  • name method hash_password
  • call the HASHER.hash() method

Post back if you need more help. Good luck!