TypeError: no salt specified in flask(about sha256)

Question

I am following a tutorial on flask from Youtube to build my own website. However, there is an error even though I followed every step as stated in the video.

My Operating System is MacOS, but the author of the video uses Linux.

Here is my relevant code:

from passlib.hash import sha256_crypt

class register_form(Form):
    username=StringField('Username',[validators.Length(min=2,max=30)])
    password=PasswordField('Password',[
        validators.Length(min=4,max=20),
        validators.EqualTo('confirm',message='Password do not match')
        ])
    confirm=PasswordField('Confirm Password')
    email=StringField('E-mail',[validators.Length(min=6,max=30)])

@app.route('/register',methods=['GET','POST'])
def register():
    form_reg=register_form(request.form)
    if request.method=='POST' and form_reg.validate():
        username=form_reg.username.data
        email=form_reg.username.data
        password=sha256_crypt().encrypt(str(form_reg.password.data))
        #create cursor
        cur=mysql.connection.cursor()
        cur.execute("INSERT INTO users(username,email,password) VALUES(%s,%s,%s)",(username,email,password))
        #commit to db
        mysql.connection.commit()
        cur.close()
        flash('Register successfully,returning to home page...','success')
        #jump to home if success
        redirect(url_for('/home'))
        return render_template('register.html',user=userinfo)
    return render_template('register.html',form=form_reg,user=userinfo)

And attached is my screenshot regarding the error, hopefully it might be helpful:

Any ideas on what I can try?

Any help would be greatly appreciated!

Nathan · Accepted Answer · 2019-04-26T17:29:03.350

Looking at passlib's documentation the encrypt() method takes a secret as a parameter and this secret must be in either unicode or bytes:

classmethod PasswordHash.encrypt(secret, **kwds)

Parameters:

secret (unicode or bytes) – string containing the password to encode.

If it isn't in unicode or bytes this method will throw a TypeError as you're seeing in your screenshot:

TypeError:

if secret is not unicode or bytes.
if a keyword argument had an incorrect type.
if a required keyword was not provided.

You could try encoding your password string into Unicode before attempting to call the encrypt() method and seeing if this resolves your error. Something along the lines of:

password_utf=form_reg.password.data.encode()
password = sha256_crypt().encrypt(password_utf)

Alternatively, maybe you could try hashing your form password like the following instead:

# generate new salt, hash password

password = sha256_crypt.hash(form_reg.password.data))

Hopefully that helps!

The first sol doesn't work and still shows the same error. for the second one, there is a new error:```Authentication plugin 'caching_sha2_password' cannot be loaded``` I found somebody faced the same dilemma with me on [https://stackoverflow.com/questions/49194719/authentication-plugin-caching-sha2-password-cannot-be-loaded] I will try it, thanks — Yiling Liu, Apr 26 '19 at 17:45

TypeError: no salt specified in flask(about sha256)

1 Answers1