Skip to content Skip to sidebar Skip to footer
Home / Asynchronous / Bcrypt / Pbkdf2 / Python / Tornado

How Can I Hash A Password In Tornado With Minimal Blocking?

Post a Comment
I'm using PBKDF2, but this applies equally to BCrypt. Hashing a password with a reasonable number of iterations can easily block for 0.5 seconds. What is a lightweight way to take

Solution 1:

You could use a thread. This will not block tornado. Say that you have a handler that hashes passwords. Then the two relevant methods might look like this:

import threading

defon_message(self, message):
    # pull out user and password from message somehow
    thread = threading.Thread(target=self.hash_password, args=(user, password))
    thread.start()


defhash_password(self, user, password):
    # do the hash and save to db or check against hashed password

You could either wait for the thread to finish in the on_message method then write the response, or if you don't need to send a response then just let it finish and save the results in the hash_password method.

If you do wait for the thread to finish you have to be careful how you do it. time.sleep will block so you will want to use tornado's non blocking wait instead.

Post a Comment for "How Can I Hash A Password In Tornado With Minimal Blocking?"