Masonite provides secure hashing for storing user passwords or other data. Bcrypt and Argon2 protocols can be used with Masonite (default is Bcrypt).
Hashing configuration is located in the `config/application.py` file. In this file, you can configure which protocol to use.
{% code title="config/application.py" %}
```python
HASHING = {
    "default": "bcrypt",
    "bcrypt": {"rounds": 10},
    "argon2": {"memory": 1024, "threads": 2, "time": 2},
}
```
{% endcode %}
You can use the `Hash` facade to easily hash a string (e.g. a password):

```python
from masonite.facades import Hash

Hash.make("secret")  #== $2b$10$3Nm9sWFYhi.GUJ...
```
Note that you can return a hash as bytes with:

```python
from masonite.facades import Hash

Hash.make_bytes("secret")  #== b"$2b$10$3Nm9sWFYhi.GUJ..."
```
To check that a plain-text string corresponds to a given hash you can do:

```python
from masonite.facades import Hash

Hash.check("secret", "$2b$10$3Nm9sWFYhi.GUJ...")  #== True
```
You can determine if the work factor used by the hashing protocol has changed since the string was hashed using `needs_rehash`:

```python
from masonite.facades import Hash

Hash.needs_rehash("$2b$10$3Nm9sWFYhi.GUJ...")  #== True
```
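The idea behind `needs_rehash`, as an added example that is not Masonite's own code: an offline audit that reads the work factor embedded in each stored hash and compares it with `HASHING`. The function names, the sample hashes and the mapping of Argon2 `m`/`t`/`p` to `memory`/`time`/`threads` are assumptions.

```python
import re

# Same shape as HASHING in config/application.py on this page.
HASHING = {
    "default": "bcrypt",
    "bcrypt": {"rounds": 10},
    "argon2": {"memory": 1024, "threads": 2, "time": 2},
}

BCRYPT_RE = re.compile(r"^\$2[abxy]\$(\d{2})\$[./A-Za-z0-9]{53}$")
ARGON2_RE = re.compile(r"^\$argon2(?:id|i|d)\$v=\d+\$m=(\d+),t=(\d+),p=(\d+)\$[^$]+\$[^$]+$")


def parse_hash(hashed):
    """Return (protocol, params) read from an encoded hash; raise ValueError if unknown."""
    m = BCRYPT_RE.match(hashed)
    if m:
        return "bcrypt", {"rounds": int(m.group(1))}
    m = ARGON2_RE.match(hashed)
    if m:
        # Assumed mapping: m -> "memory", t -> "time", p -> "threads".
        memory, time, threads = (int(g) for g in m.groups())
        return "argon2", {"memory": memory, "threads": threads, "time": time}
    raise ValueError("unrecognised hash format")


def audit(stored, config=HASHING):
    """Map each user to the reason their hash should be regenerated at next login."""
    findings = {}
    for user, hashed in stored.items():
        try:
            protocol, params = parse_hash(hashed)
        except ValueError:
            findings[user] = "unrecognised format, not a bcrypt or argon2 hash"
            continue
        if protocol != config["default"]:
            findings[user] = f"protocol {protocol}, default is {config['default']}"
        elif params != config[protocol]:
            findings[user] = f"parameters {params}, configured {config[protocol]}"
    return findings


# Constructed sample values: salt and digest parts are filler, not real hashes.
STORED = {
    "alice": "$2b$10$" + "A" * 53,
    "bob": "$2b$05$" + "B" * 53,
    "carol": "$argon2id$v=19$m=1024,t=2,p=2$c2FsdHNhbHQ$" + "C" * 43,
    "dave": "secret",
}
```

Calling `audit(STORED)` leaves out `alice` and reports `bob` (rounds 5 instead of 10), `carol` (Argon2 while the default is Bcrypt) and `dave` (a value that is not a hash at all).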
You can change hashing protocol configuration on the fly for all `Hash` methods:

```python
from masonite.facades import Hash

Hash.make("secret", options={"rounds": 5})
```
You can also change protocol on the fly:

```python
from masonite.facades import Hash

Hash.make("secret", driver="argon2", options={"memory": 512, "threads": 8, "time": 2})
```