# pip install bcrypt
import bcrypt
PEPPER = b"My$ecretPepperKey" # secret pepper (store securely)
# Hash password
def hash_pw(pw: str):
return bcrypt.hashpw(pw.encode() + PEPPER, bcrypt.gensalt())
# Verify password
def verify_pw(stored: bytes, attempt: str):
return bcrypt.checkpw(attempt.encode() + PEPPER, stored)
# Example
user_pw = "my_secure_password123"
stored_hash = hash_pw(user_pw)
print("Stored Hash:", stored_hash)
# Login attempt
if verify_pw(stored_hash, "my_secure_password123"):
print("Password verified.")
else:
print("Invalid password.")