Flaskframework~30 mins

Password storage best practices in Flask - Mini Project: Build & Apply

Choose your learning style9 modes available

Learn Why Deep Visual Try Challenge Project Recall Perf

Password Storage Best Practices with Flask

📖 Scenario: You are building a simple Flask web app that allows users to register with a username and password. To keep user passwords safe, you need to store them securely using best practices.

🎯 Goal: Build a Flask app that stores user passwords securely by hashing them before saving. You will create the user data structure, configure the hashing setup, hash passwords on registration, and complete the Flask route to handle user signup.

📋 What You'll Learn

Create a dictionary to store users with their hashed passwords

Set up a password hashing function using Werkzeug security

Hash the password before storing it in the users dictionary

Complete the Flask route to accept username and password and store securely

💡 Why This Matters

🌍 Real World

Web applications must never store plain passwords. Hashing passwords protects user data if the database is compromised.

💼 Career

Understanding secure password storage is essential for backend developers and anyone working on user authentication systems.

Progress0 / 4 steps

Create user data storage

Create a dictionary called users to store usernames and their hashed passwords. Initialize it as an empty dictionary.

Flask

# Create an empty dictionary called users
# Your code here

Need a hint?

Use users = {} to create an empty dictionary.

Import and configure password hashing

Import generate_password_hash from werkzeug.security. This function will help hash passwords securely.

Flask

users = {}
# Import generate_password_hash from werkzeug.security
# Your code here

Need a hint?

Use from werkzeug.security import generate_password_hash to import the function.

Hash password before storing

Write a function called register_user that takes username and password. Inside, hash the password using generate_password_hash(password) and store it in the users dictionary with the username as key.

Flask

users = {}
from werkzeug.security import generate_password_hash

# Define register_user function
# Your code here

Need a hint?

Define a function that hashes the password and saves it in the users dictionary.

Complete Flask route for user registration

Create a Flask app with a route /register that accepts POST requests. Inside the route, get username and password from request.form, call register_user(username, password), and return a success message.

Flask

users = {}
from werkzeug.security import generate_password_hash
from flask import Flask, request

app = Flask(__name__)

def register_user(username, password):
    hashed = generate_password_hash(password)
    users[username] = hashed

# Create /register route to accept POST and register user
# Your code here

Need a hint?

Use Flask route decorator and get form data from request.form. Call the register_user function and return a message.