[Solved] Examine this Flask code snippet:from werkzeug.security import generate_password_hash, check_password_hash password = 'mypassword' hash = generate_password_hash(password) if check_password_hash(hash,... | Flask

Flask - Security Best Practices

Examine this Flask code snippet:

from werkzeug.security import generate_password_hash, check_password_hash
password = 'mypassword'
hash = generate_password_hash(password)
if check_password_hash(hash, password):
    print('Access granted')

What is the issue with this code?

Agenerate_password_hash should not be used for passwords

BThe arguments to check_password_hash are reversed

CPassword should be hashed twice before checking

DThe password variable should be bytes, not string

Step-by-Step Solution

Solution:

Step 1: Understand check_password_hash parameters
The function check_password_hash expects the hashed password as the first argument and the plain password as the second.
Step 2: Analyze the code
The code passes password as the first argument and hash as the second, which is reversed.
Final Answer:
The arguments to check_password_hash are reversed -> Option B
Quick Check:
Correct argument order is (hashed_password, plain_password) [OK]

Quick Trick: check_password_hash(hashed, plain) not reversed [OK]

Common Mistakes:

MISTAKES

Swapping the order of arguments in check_password_hash
Hashing the password twice unnecessarily
Passing bytes instead of strings without encoding

Master "Security Best Practices" in Flask

9 interactive learning modes - each teaches the same concept differently

Learn Why Deep Visual Try Challenge Project Recall Perf

More Flask Quizzes

Examine this Flask code snippet:

Step 1: Understand check_password_hash parameters

Step 2: Analyze the code

Final Answer:

Quick Check:

Want More Practice?