Unified password hashing for User and Signup
Previously User used salted SHA512 with OpenLDAP-style prefix syntax and Signup used crypt. Both models had their own hashing and verification code. Now both use OpenLDAP-style syntax with support for all traditional formats including crypt. Salted SHA512 is used for new User and Signup passwords. Existing Signup objects are migrated to the new format and remain functional. User passwords now support gradual migration to another hash algorithm when it is changed in the future. This code is planned to be used for database-stored API and OAuth2 client secrets.
Showing
- tests/test_api.py 31 additions, 2 deletions
- tests/test_invite.py 1 addition, 1 deletion
- tests/test_password_hash.py 181 additions, 0 deletions
- tests/test_selfservice.py 13 additions, 13 deletions
- tests/test_session.py 14 additions, 1 deletion
- tests/test_signup.py 10 additions, 9 deletions
- tests/test_user.py 13 additions, 13 deletions
- uffd/api/views.py 4 additions, 0 deletions
- uffd/migrations/versions/af07cea65391_unified_password_hashing_for_user_and_signup.py 67 additions, 0 deletions
- uffd/password_hash.py 273 additions, 0 deletions
- uffd/session/views.py 4 additions, 1 deletion
- uffd/signup/models.py 11 additions, 14 deletions
- uffd/signup/views.py 6 additions, 2 deletions
- uffd/user/models.py 4 additions, 40 deletions
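
The scheme the commit message describes, as an added example that is not code from this commit or from uffd: OpenLDAP-style `{SCHEME}` values carrying base64(digest + salt), with a legacy hash upgraded to salted SHA512 on a successful login. All function names, the 8-byte salt length and the choice of `{SSHA}` as the legacy format are assumptions; crypt-format hashes are not handled here.

```python
import base64
import hashlib
import hmac
import os

# Hypothetical names throughout; this is not uffd's password_hash module.
# OpenLDAP-style value: "{SCHEME}" + base64(digest || salt)
SCHEMES = {  # scheme -> (hashlib name, digest length in bytes)
    "SSHA": ("sha1", 20),       # legacy salted SHA-1
    "SSHA512": ("sha512", 64),  # preferred for new passwords
}
PREFERRED = "SSHA512"

def hash_password(password, scheme=PREFERRED, salt=None):
    algo, _ = SCHEMES[scheme]
    salt = os.urandom(8) if salt is None else salt  # assumed salt length
    digest = hashlib.new(algo, password.encode() + salt).digest()
    return "{%s}%s" % (scheme, base64.b64encode(digest + salt).decode())

def parse(stored):
    """Split a stored value into (scheme, digest, salt); ValueError if malformed."""
    if not stored.startswith("{") or "}" not in stored:
        raise ValueError("missing {SCHEME} prefix")
    scheme, _, payload = stored[1:].partition("}")
    scheme = scheme.upper()
    if scheme not in SCHEMES:
        raise ValueError("unsupported scheme: " + scheme)
    raw = base64.b64decode(payload, validate=True)  # bad base64 -> ValueError
    length = SCHEMES[scheme][1]
    if len(raw) < length:
        raise ValueError("payload shorter than digest")
    return scheme, raw[:length], raw[length:]

def verify(stored, password):
    try:
        scheme, digest, salt = parse(stored)
    except ValueError:
        return False  # malformed or unknown hashes never verify
    candidate = hashlib.new(SCHEMES[scheme][0], password.encode() + salt).digest()
    return hmac.compare_digest(candidate, digest)  # constant-time comparison

def login(stored, password):
    """Return (ok, new_stored); new_stored is set only when a rehash is due."""
    if not verify(stored, password):
        return False, None
    if parse(stored)[0] != PREFERRED:
        return True, hash_password(password)  # gradual migration on login
    return True, None
```

The caller persists `new_stored` when it is not `None`; the plaintext is only available at login, which is why the migration has to happen there.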