Password hashing

Password hashing is one of the most critical aspects of application security. It is the process of converting a plain text password into a unique string that is difficult to reverse. This string is what you store in your database, not the actual password. This matters because in the event of a data breach, the hashed passwords, rather than the passwords themselves, are what the attacker obtains.

What is password hashing?

Password hashing is a method of securing passwords by converting them into unreadable strings of characters. This is done with a one-way function, meaning that once a password is hashed, it cannot be reversed or decrypted to reveal the original password.

Why do we hash passwords?

The primary reason for hashing passwords is to prevent them from being stolen in the event of a data breach. If passwords were stored in plain text, anyone with access to the database could see and misuse them.

How to hash passwords in FastAPI?

FastAPI does not have built-in password hashing functionality, but it integrates smoothly with other libraries to achieve this. One such library is passlib. Let's see how we can use it.

First, you'll need to install the library:

pip install "passlib[bcrypt]"

Now, you can use it in your FastAPI application:

from passlib.context import CryptContext

# One context for the whole app: bcrypt for new hashes, and deprecated="auto"
# marks hashes made with any other scheme or an older cost setting as
# deprecated, so pwd_context.needs_update(hash) can tell you to re-hash
# after a successful login.
pwd_context = CryptContext(schemes=["bcrypt"], deprecated="auto")

def hash_password(password: str) -> str:
    # bcrypt generates a random salt and embeds it in the returned string.
    return pwd_context.hash(password)

def verify_password(plain_password: str, hashed_password: str) -> bool:
    # Re-hashes plain_password with the salt stored in hashed_password
    # and compares the result in constant time.
    return pwd_context.verify(plain_password, hashed_password)

In the code snippet above, hash_password is a function that takes a plain text password and returns the hashed version of it. The verify_password function checks if a plain text password matches a hashed password.
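To show what CryptContext does behind hash() and verify(), here is an added example (not the article's code) that implements the same three operations with only the Python standard library: a per-password random salt, a self-describing stored string like bcrypt's "$2b$12$..." format, a constant-time comparison, and a needs_rehash check that plays the role of deprecated="auto". It uses PBKDF2-HMAC-SHA256 instead of bcrypt so that it runs without passlib; the ALGO, ITERATIONS and SALT_BYTES values are assumptions for the example.

```python
import base64
import hashlib
import hmac
import os

# Example parameters (assumed for this illustration); raise ITERATIONS over time.
ALGO = "pbkdf2_sha256"
ITERATIONS = 600_000
SALT_BYTES = 16


def _derive(password: str, salt: bytes, iterations: int) -> bytes:
    # One-way key derivation: the same inputs always give the same output,
    # but the output cannot be turned back into the password.
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)


def hash_password(password: str, iterations: int = ITERATIONS) -> str:
    # Fresh random salt for every call, so two users with the same
    # password get different stored strings.
    salt = os.urandom(SALT_BYTES)
    digest = _derive(password, salt, iterations)
    # Store algorithm, cost and salt alongside the digest, so verification
    # can recover them later (this is what bcrypt's "$2b$12$..." string does).
    return "$".join([ALGO, str(iterations),
                     base64.b64encode(salt).decode(),
                     base64.b64encode(digest).decode()])


def verify_password(plain_password: str, hashed_password: str) -> bool:
    try:
        algo, iters, salt_b64, digest_b64 = hashed_password.split("$")
        salt = base64.b64decode(salt_b64)
        expected = base64.b64decode(digest_b64)
        iterations = int(iters)
    except ValueError:
        return False  # malformed stored value never verifies
    if algo != ALGO:
        return False
    candidate = _derive(plain_password, salt, iterations)
    # Constant-time comparison: no early exit that leaks how many bytes matched.
    return hmac.compare_digest(candidate, expected)


def needs_rehash(hashed_password: str) -> bool:
    # Counterpart of CryptContext(deprecated="auto"): a hash made with an
    # older, cheaper setting should be replaced after a successful login.
    parts = hashed_password.split("$")
    if len(parts) != 4 or parts[0] != ALGO or not parts[1].isdigit():
        return True
    return int(parts[1]) < ITERATIONS
```

After a successful verify_password, check needs_rehash and, if it returns True, store hash_password(plain_password) in place of the old value; that is the upgrade path deprecated="auto" enables in passlib.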

Conclusion

Password hashing is a vital part of any application's security. It is a necessary measure to keep your users' data safe, especially in the event of a data breach. FastAPI, together with the passlib library, provides a simple and effective way to hash and verify passwords in your application.

I hope this article helps you understand password hashing and how to implement it in FastAPI. Remember, security should never be an afterthought; it's an integral part of your application's design.