Python for Entrepreneurs Transcripts
Chapter: User accounts and identity
Lecture: Accounts introduction
0:02 There is a very good chance that you are going to need
0:05 to manage user accounts as part of your online business.
0:08 It could be that you just put them on your mailing list and you email them things
0:11 and they do transactional purchases or something to this effect.
0:15 But for most businesses, we want to have users come back to our site,
0:18 have an account, be able to log in and have access to things.
0:22 And if that's the case, we're going to need to talk about
0:25 how you create model and store user accounts.
0:28 Not just how do you make it happen, but how do you do it securely,
0:31 and in a way that is really delightful for the users.
0:36 Like everything we put in our database
0:38 we're going to need to model users in SQLAlchemy,
0:42 we want to create our user or account class that map that to the database,
0:45 so we'll see how to do this in a way that is secure as well as high-performance,
0:50 so make sure we have the right indexes and uniqueness constraints and things like that.
0:54 We're going to talk about the importance of strong password hashes,
0:58 it's hardly a week that goes by that you don't hear some major web application
1:03 losing all of their user accounts, their database being dumped
1:07 in one way or another for a variety of reasons.
1:10 If you do things correctly, that will have no big impact in the world, right,
1:14 it will be too hard for people to recover the passwords.
1:17 But most sites do this wrong, luckily we're using Python
1:20 which makes it really easy as you'll see.
1:24 The thing that makes is easy is this library called passlib,
1:27 so we're going to be using passlib to hash and manage the sort of encrypted
1:31 one-way hashed elements in our database.
1:34 And primarily that is going to be our passwords.