
Password hashing with bcrypt in FastAPI - Step-by-Step Execution

Concept Flow - Password hashing with bcrypt
User inputs password
bcrypt hashes password
Store hashed password
User login attempt
bcrypt verifies password
Access granted or denied
This flow shows how bcrypt hashes a password when a user signs up, stores it, and later verifies it during login.
Execution Sample
FastAPI
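from passlib.context import CryptContext

# One shared context; bcrypt is the only accepted scheme
pwd_context = CryptContext(schemes=["bcrypt"], deprecated="auto")

# Signup: hash the password (a fresh random salt is generated on every call)
hashed = pwd_context.hash("mysecret")
# Login: check the submitted password against the stored hash (True or False)
valid = pwd_context.verify("mysecret", hashed)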
This code hashes a password and then verifies it matches the original password.
Execution Table
| Step | Action | Input Password | Hashed Password | Verification Password | Verification Result |
|---|---|---|---|---|---|
| 1 | Hash password | mysecret | $2b$12$eW5...hashedvalue | | |
| 2 | Verify password | | $2b$12$eW5...hashedvalue | mysecret | True |
| 3 | Verify password | | $2b$12$eW5...hashedvalue | wrongpass | False |
| 4 | End | | | | Verification complete |
💡 Verification ends once bcrypt has checked whether the password matches the hash.
Variable Tracker
| Variable | Start | After Hash | After Verify True | After Verify False | Final |
|---|---|---|---|---|---|
| hashed | None | $2b$12$eW5...hashedvalue | $2b$12$eW5...hashedvalue | $2b$12$eW5...hashedvalue | $2b$12$eW5...hashedvalue |
| valid | None | None | True | False | False |
Key Moments - 2 Insights
Why can't we compare the hashed password directly to the plain password?
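Because the stored value is a one-way bcrypt hash that includes a random salt, it never equals the plain password and looks different each time the same password is hashed. Instead, bcrypt's verify method hashes the plain password again with the salt taken from the stored hash and compares the results, as shown in steps 2 and 3 of the execution table.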
Why does hashing the same password twice produce different hashes?
bcrypt adds a random salt each time it hashes, so even the same password results in different hashes. This is why in step 1, the hashed password looks unique.
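The salt that makes each hash unique is stored inside the hash string itself, next to the cost factor, which is what lets verify recompute the digest at login. The following added example (not code from the original page) parses that layout with the standard library only and flags stored values that are not bcrypt or use a low cost; `parse_bcrypt`, `audit`, the `min_cost` threshold and the sample strings are assumptions constructed for illustration.

```python
import re
from typing import NamedTuple

# bcrypt string layout: $<ident>$<cost>$<22-char salt><31-char digest> (60 chars)
_BCRYPT_RE = re.compile(
    r"\$(2[abxy]?)\$(\d{2})\$([./A-Za-z0-9]{22})([./A-Za-z0-9]{31})"
)

class BcryptParts(NamedTuple):
    ident: str   # algorithm variant, e.g. "2b"
    cost: int    # work factor: 2**cost key-expansion rounds
    salt: str    # 128-bit random salt, stored in the clear next to the digest
    digest: str  # 184-bit output, the only part that depends on the password

def parse_bcrypt(stored: str) -> BcryptParts:
    """Split a stored bcrypt string into the fields verify() reads back."""
    m = _BCRYPT_RE.fullmatch(stored)
    if m is None:
        raise ValueError("not a bcrypt hash string")
    cost = int(m.group(2))
    if not 4 <= cost <= 31:  # range bcrypt accepts
        raise ValueError("bcrypt cost out of range")
    return BcryptParts(m.group(1), cost, m.group(3), m.group(4))

def audit(stored: str, min_cost: int = 12) -> str:
    """Classify one stored credential; min_cost is an assumed policy value."""
    try:
        parts = parse_bcrypt(stored)
    except ValueError:
        return "not-bcrypt"  # plain text or another scheme ended up in storage
    return "ok" if parts.cost >= min_cost else "weak-cost"

# Constructed samples in the right layout (placeholders, not real bcrypt output).
# SIGNUP_1 and SIGNUP_2 stand for the same password hashed twice: different salts.
SIGNUP_1 = "$2b$12$abcdefghijklmnopqrstueABCDEFGHIJKLMNOPQRSTUVWXYZ01232"
SIGNUP_2 = "$2b$12$ZYXWVUTSRQPONMLKJIHGFOzyxwvutsrqponmlkjihgfedcba9876."
LOW_COST = "$2a$04$abcdefghijklmnopqrstueABCDEFGHIJKLMNOPQRSTUVWXYZ01232"

if __name__ == "__main__":
    for value in (SIGNUP_1, SIGNUP_2, LOW_COST, "mysecret"):
        print(audit(value))
```

Run `audit` over the password column of a user table to find rows that were stored unhashed or with a cost below policy; rows reported as `weak-cost` still verify and can be rehashed at the user's next successful login.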
Visual Quiz - 3 Questions
Test your understanding
Looking at the execution_table, what is the verification result when the input password is 'mysecret'?
A. True
B. False
C. Error
D. None
💡 Hint
Check row 2 under 'Verification Result' in the execution_table.
At which step does the hashed password get created?
A. Step 3
B. Step 2
C. Step 1
D. Step 4
💡 Hint
Look at the 'Action' column in the execution_table for when hashing happens.
If the password input during verification is wrong, what is the result?
A. True
B. False
C. Exception thrown
D. Password rehashed
💡 Hint
See step 3 in the execution_table under 'Verification Result'.
Concept Snapshot
Password hashing with bcrypt in FastAPI:
- Use passlib CryptContext with bcrypt scheme
- Hash passwords with pwd_context.hash(password)
- Verify with pwd_context.verify(plain, hashed)
- Hashes include salt, so same password hashes differ
- Never store plain passwords, only hashed
- Verification returns True if passwords match
Full Transcript
This visual execution shows how bcrypt hashes a password and verifies it. First, the user inputs a password. bcrypt hashes it with a salt, producing a unique hash stored safely. Later, when the user logs in, bcrypt verifies the input password against the stored hash. The verification returns True if they match, False otherwise. Hashing the same password twice produces different hashes because of the salt. We never compare plain passwords directly to hashes; always use bcrypt's verify method. This ensures secure password handling in FastAPI applications.