2

I want to send the email to the user that will contains url+hash like this bleow

www.mywebsite.com/user/verify/121#$%3h2%^1kj3#$h2kj1h%$3kj%$21h

and save this hash against the user in the Database like this

ID | Email |Hash 1 | youremail@gmail.com |121#$%3h2%^1kj3#$h2kj1h%$3kj%$21h

When the user received the email it should check and compare the hash with it and perform the action as per situation.

My question is simple how to generate a unique hash for each user and how to store them in the Database.

  • What you're looking for is a unique ID, not hashing. [See this question](https://stackoverflow.com/questions/1602776/what-is-password-hashing) for explanation. – xyres Jun 21 '17 at 17:56

2 Answers2

4

If by "hash", you mean a unique string, you can just use uuid.uuid4 for that purpose.

>>> import uuid
>>> unique_id = str(uuid.uuid4())
>>> print unique_id
d8814205-f11e-46e1-925e-a878fc75cb8d
>>> # replace dashes, if you like
>>> unique_id.replace("-", "")

I've used this for projects where I need to verify a user's email.

P.S.: It's not called a hash, it's called a unique ID. Hashing is something else, where you generate a value from a given string. See this question for more explanation.

xyres
  • 20,487
  • 3
  • 56
  • 85
  • Thanks for the answer and clarification... One last question I should use charfield to save it in the database? –  Jun 21 '17 at 23:28
  • Yeah, there would be no problem with `CharFIeld`, since uuid will always be of a fixed length. – xyres Jun 22 '17 at 15:12
2

Django has a Cryptographic Signing module, which helps produce unique and verifiable signatures for any data you need. If you are trying to do this to verify that the request is done by the appropriate user or not, you can use the library to verify requests, without storing the hash in the database.

Abhash Anand
  • 316
  • 1
  • 3