novalon-manage-system/test_bcrypt_behavior.py

#!/usr/bin/env python3
"""
测试 BCryptPasswordEncoder 的行为
"""
import bcrypt

def test_bcrypt_behavior():
    password = "admin123"
    
    # 测试 strength=10
    print("Testing BCrypt with strength=10:")
    for i in range(3):
        hash_result = bcrypt.hashpw(password.encode('utf-8'), bcrypt.gensalt(10))
        print(f"  Hash {i+1}: {hash_result.decode('utf-8')}")
        print(f"  Length: {len(hash_result)}")
        print(f"  Matches: {bcrypt.checkpw(password.encode('utf-8'), hash_result)}")
    
    print("\nTesting BCrypt with strength=12:")
    for i in range(3):
        hash_result = bcrypt.hashpw(password.encode('utf-8'), bcrypt.gensalt(12))
        print(f"  Hash {i+1}: {hash_result.decode('utf-8')}")
        print(f"  Length: {len(hash_result)}")
        print(f"  Matches: {bcrypt.checkpw(password.encode('utf-8'), hash_result)}")
    
    print("\nCross-testing:")
    # 用 strength=10 生成的哈希
    hash_10 = bcrypt.hashpw(password.encode('utf-8'), bcrypt.gensalt(10))
    print(f"Hash with strength=10: {hash_10.decode('utf-8')}")
    
    # 用 strength=12 生成的哈希
    hash_12 = bcrypt.hashpw(password.encode('utf-8'), bcrypt.gensalt(12))
    print(f"Hash with strength=12: {hash_12.decode('utf-8')}")
    
    # 测试交叉验证
    print(f"\nPassword matches hash_10: {bcrypt.checkpw(password.encode('utf-8'), hash_10)}")
    print(f"Password matches hash_12: {bcrypt.checkpw(password.encode('utf-8'), hash_12)}")
    
    # 测试不同 strength 的哈希是否能互相验证
    print(f"\nCan hash_10 verify password: {bcrypt.checkpw(password.encode('utf-8'), hash_10)}")
    print(f"Can hash_12 verify password: {bcrypt.checkpw(password.encode('utf-8'), hash_12)}")

if __name__ == '__main__':
    test_bcrypt_behavior()