0

I just wrote a simple script that asks a user for their username and password. It will then store the data to a data base. However, when I pull out the data (user wants to login) it shows the error: TypeError: expected string or bytes-like object.

I tried reformatting the password, but nothing helps. It does show me that the error is here:

line 27, in pull_from_db
    check_hash(password, hashed)
line 11, in check_hash
    if bcrypt.checkpw(password.encode('utf-8'), hashed):

This is the script.

Ethan
  • 876
  • 8
  • 18
  • 34
sOwlO
  • 3
  • 4

1 Answers1

0

You can get a type mismatch like then when the query fails completely, returning null/nothing. So the null sure isn't a string, or a bytes-like object.

Use a external database client (for SQLite3, the command line client will do) to run the query as a standalone.

sqlite3 ex1
sqlite> SELECT * FROM master

It'll be a good idea to just see what you have in there, make sure that it was stored correctly.

For your put_to_db() function, I recommend renaming your parameters to username,hash, because you certainly aren't passing a password in there, and you don't want confusion about that.

MotoRidingMelon
  • 2,347
  • 2
  • 21
  • 28
  • I changed the name of variable, no impact on program. And inputs are stored like this: ('coma', b'$2b$16$tn7kBtMAFYLdScsIX3fSrOrlr8JX/EN7g93LuR4ubPekAGjFI5bRS') ('toto', b'$2b$16$7Cp.gDImk8mP6fRZx9Jbz.VBy3OKVQ.ce/kgqK7aJvo7zEIPlnZaK') ('season', b'$2b$16$5viLa0XfuG7vwkJsorLMiuK6SeUG9AOOOIulpxQupNdWLgKsF9ADO') I will try to use external database, as you recommended. Thanks for reply. – sOwlO Dec 23 '20 at 05:46
  • Oh, yes, it wouldn't change the function, it's merely going to be more clear to YOU that you're getting a hash there, and not an actual password. – MotoRidingMelon Dec 23 '20 at 05:48
  • And It is stored as b'$2b$16$nEj1kUihMMKe6youUSS0kOqO4LT64o6IANOp0qBtWmxzW3N6nPVou' even when I don't use a b'' string. Maybe that's the problem? – sOwlO Dec 23 '20 at 05:48
  • Those look like properly hashed password... except for that leading b. And the quote marks shouldn't be there either. The hashing function is automatically adding a salt to the hash. It should look just like: $2b$16$nEj1kUihMMKe6youUSS0kOqO4LT64o6IANOp0qBtWmxzW3N6nPVou – MotoRidingMelon Dec 23 '20 at 05:51
  • That b'' is there because I encoded that to utf-8. (password.encode('utf-8')). But if I remove that encoding I get error: Unicode-objects must be encoded before hashing. – sOwlO Dec 23 '20 at 06:06