Heads up! To view this whole video, sign in with your Courses account or enroll in your free 7-day trial. Sign In Enroll
Start a free Courses trial
to watch this video
In "Build a Social Network with Flask", you hashed user passwords with bcrypt. Bcrypt is still very strong but, thanks to advances in GPUs, its days are numbered. A new way of securing user passwords is needed and I just happen to have one.
argon2
's documentation- Storing Passwords in a Highly Parallelized World
classmethod
docsstaticmethod
docs
You can leave the **kwargs
off of create_user
if you want. I find this to be handy way to add in flags like is_admin
or can_delete
, you just need to add them as fields on the model or in some sort of permissions system. It's a good idea to be forward-thinking in your designs!
Related Discussions
Have questions about this video? Start a discussion with the community and Treehouse staff.
Sign upRelated Discussions
Have questions about this video? Start a discussion with the community and Treehouse staff.
Sign up
You need to sign up for Treehouse in order to download course files.
Sign upYou need to sign up for Treehouse in order to set up Workspace
Sign up