At a guess, the stuff you are hashing is probably different before you even start. Compare the python bytes(password, utf8) bit to the gdscript (“password”), both in bytes yo make sure they match. If they do, rinse and repeat for every step and find out where the mismatch is, then maybe we can tell you why the mismatch is happening.
I am not familiar with python but I believe that common practice is to add the salt to the password before and then hash both together. But here you are hashing the password then re-hashing with the salt no? Maybe try combining the password and the salt then hash?
var password = "password"
var salt = "salt"
var hashed = (password + salt).sha256_buffer()
print(Marshalls.raw_to_base64(hashed))
I have tried that and that
var password = "password".sha256_text()
var salt = "salt".sha256_text()
var hashed = (password + salt).sha256_buffer()
print(Marshalls.raw_to_base64(hashed))
var ctx = HMACContext.new()
var salt = "salt".to_utf8_buffer()
ctx.start(HashingContext.HASH_SHA256, salt)
var password = "password".to_utf8_buffer()
ctx.update(password)
print(Marshalls.raw_to_base64(password))