1) Generate a random number.
2) Decrypt the password received by the client.
3) Calculate a hash using the password and the random number
4) Save on the DB the random number (step 1) and the hash (step 3).
1) Decrypt the password received by the client.
2) Calculate the hash using the random number saved on database.
3) Check if saved hash matches the one I just calculated.
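The two procedures above, as an added example that is not part of the original post. Assumptions: the password has already been decrypted, PBKDF2-HMAC-SHA512 from Python's `hashlib` is used as the hash step, a dict named `db` stands in for the database, and the iteration count and salt size are illustrative.

```python
import hashlib
import hmac
import os

# Assumptions, not from the thread: PBKDF2-HMAC-SHA512 as the hash step,
# a 16-byte random value, 200,000 iterations, and a dict in place of the DB.
ITERATIONS = 200_000
SALT_BYTES = 16

db = {}  # hypothetical stand-in for the DB: username -> (random number, hash)


def _hash(password: str, salt: bytes) -> bytes:
    """Hash the (already decrypted) password together with the random number."""
    return hashlib.pbkdf2_hmac("sha512", password.encode("utf-8"), salt, ITERATIONS)


def register(username: str, password: str) -> None:
    salt = os.urandom(SALT_BYTES)    # generate a random number
    digest = _hash(password, salt)   # hash of password + random number
    db[username] = (salt, digest)    # save the random number and the hash


def login(username: str, password: str) -> bool:
    record = db.get(username)
    if record is None:
        # Unknown user: do the same hashing work so the response time
        # does not reveal whether the account exists.
        _hash(password, b"\x00" * SALT_BYTES)
        return False
    salt, stored = record
    candidate = _hash(password, salt)  # recompute with the saved random number
    # Constant-time comparison of the saved hash and the recomputed one.
    return hmac.compare_digest(stored, candidate)


if __name__ == "__main__":
    register("alice", "correct horse")   # constructed sample credentials
    print(login("alice", "correct horse"), login("alice", "wrong"))
```

Because every account gets its own random number, two users with the same password end up with different stored hashes.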
Uh, I hope you are using SSL/TLS or something similar to transmit password information securely, otherwise this is vulnerable to a replay attack.
Since he said he is using a safe connection, I didn't clarify this part. But yes, I am, RSA (2048 bits key) with PKCS#1 v1.5 to be more exact.
On hashes, it depends on the algorithm you are using. For instance, MD5 has been broken, but SHA2 and SHA3 haven't (link: http://en.wikipedia.org/wiki/Sha512).
In case anyone in the future is interested in using the python lib, here is the link to its documentation:
And the package, current versions as of the date of this post: