验证密码是否匹配 支持新格式 (sha256$salt$hash) 和旧格式 (明文)
(password: str, hashed: str)
| 110 | |
| 111 | |
| 112 | def verify_password(password: str, hashed: str) -> bool: |
| 113 | """ |
| 114 | 验证密码是否匹配 |
| 115 | 支持新格式 (sha256$salt$hash) 和旧格式 (明文) |
| 116 | """ |
| 117 | if not hashed: |
| 118 | return False |
| 119 | |
| 120 | # 新格式: sha256$salt$hash |
| 121 | if hashed.startswith("sha256$"): |
| 122 | parts = hashed.split("$") |
| 123 | if len(parts) != 3: |
| 124 | return False |
| 125 | _, salt, stored_hash = parts |
| 126 | password_hash = hashlib.sha256(f"{salt}{password}".encode()).hexdigest() |
| 127 | return password_hash == stored_hash |
| 128 | |
| 129 | # 旧格式: 明文比较 (兼容迁移前的数据) |
| 130 | return password == hashed |
| 131 | |
| 132 | |
| 133 | def is_password_hashed(password: str) -> bool: |
no outgoing calls