How to achieve Hashing/ Encrypting a password field?
mtech2008 opened this issue · 2 comments
mtech2008 commented
Hi,
How can I achieve Hashing/ Encrypting a password field?
How about having a HashField or MD5Field?
Regards
abawchen commented
@mtech2008 : It's more like a question about mongoengine, not a graphql one, you can refer: https://stackoverflow.com/questions/27943258/save-password-as-salted-hash-in-mongodb-in-users-collection-using-python-bcrypt
make sense?
bhavishyasharma commented
Can be done easily using bcrypt
Mutation Class
class RegisterUserMutation(graphene.Mutation):
user = graphene.Field(UserType)
class Arguments:
user_data = UserInput(required=True)
def mutate(self, info, user_data=None):
user = UserModel(
firstname = user_data.firstname,
lastname = user_data.lastname,
username = user_data.username,
email = user_data.email,
roles = list()
)
user.setPassword(user_data.password)
user.save()
return RegisterUserMutation(user=user)
Model Class
class UserModel(Document):
meta = {'collection': 'user'}
_id = ObjectIdField()
firstname = StringField()
lastname = StringField()
email = EmailField()
username = StringField()
password = StringField()
roles = ListField(ReferenceField(RoleModel, reverse_delete_rule=mongoengine.DENY))
def setPassword(self,password):
self.password = (bcrypt.hashpw(password.encode('utf-8'), bcrypt.gensalt())).decode("utf-8")