I am using admin-SDK of firebase in python
I have created a new user using the following code
user = auth.create_user(
email=email,
email_verified=False,
password=password,
display_name=name,
disabled=False)
now I have created a function that takes name , _email id _ and password from the user and fetch user using it's email id and then checks if entered details are correct.
def check_user(self, name, email, password): # fixme compare password
user = auth.get_user_by_email(email)
if user.display_name == name and user.email == email:# add password comparision
print('successful login')
return True
else:
print('username or password incorrect')
return False
I want to compare password entered with the password stored, but I am unable to compare as I can't access password, I can only access passwordHash using user.passwordHash and passwordSalt using user.passwordSalt.
is there any away I can find passwordHash or passwordSalt of password so I can compare the hashes.
The usual flow when using Firebase Authentication is that your users sign in with client-side code that uses a Firebase SDK directly. So in that case, Firebase itself would be performing the check whether the password is correct.
You can perform the check yourself, but you'll have to hash the plaintext password from the user in your code and then compare the stored and calculated hash values, essentially duplicating what Firebase already does. Firebase uses a modified version of scrypt to encrypt the passwords.