0

I'm missing something somewhere. I have the following Python3 code to insert a user and password

INSERT INTO table_name (emailAddress, password) 
    VALUES(%s, crypt(%s, gen_salt('bf'))) 
    ON CONFLICT (emailAddress) DO NOTHING
    RETURNING memberId;

This seems to be working fine. It inserts a nice hashed password in the DB but I looked Here(https://www.postgresql.org/docs/8.3/pgcrypto.html) and have the following code to retrieve it:

SELECT * from table_name 
    WHERE emailAddress='{email_addy}' 
    AND password=crypt('{password}', '{password}');

and obviously the query keeps coming back as nothing. Can someone point me in the direction how I can get the info I want? I'm guessing the hash isn't matching up?

Improve this question

1 Answer 1

Reset to default
1

You are giving the same argument to "crypt" twice.

You instead need to give it the cleartext password, and the hash column.

AND password=crypt('{password}', password);
Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

Nice! @jjanes. That was the exact problem. I'll look into it more to make sure I understand how that works actually. Much appreciated.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.