Ticket #18144: 18144-1.diff

File 18144-1.diff, 1.4 KB (added by claudep, 3 years ago)

Handle md5$$... syntax

  • django/contrib/auth/hashers.py

    diff --git a/django/contrib/auth/hashers.py b/django/contrib/auth/hashers.py
    index 5824685..769ba32 100644
    a b def check_password(password, encoded, setter=None, preferred='default'): 
    3737
    3838    if len(encoded) == 32 and '$' not in encoded:
    3939        hasher = get_hasher('unsalted_md5')
     40    elif len(encoded) == 37 and encoded.startswith('md5$$'):
     41        hasher = get_hasher('unsalted_md5')
     42        encoded = encoded[5:]
    4043    else:
    4144        algorithm = encoded.split('$', 1)[0]
    4245        hasher = get_hasher(algorithm)
  • django/contrib/auth/tests/hashers.py

    diff --git a/django/contrib/auth/tests/hashers.py b/django/contrib/auth/tests/hashers.py
    index 8a11511..c0adb3b 100644
    a b class TestUtilsHashPass(unittest.TestCase): 
    5959        self.assertTrue(is_password_usable(encoded))
    6060        self.assertTrue(check_password(u'letmein', encoded))
    6161        self.assertFalse(check_password('letmeinz', encoded))
     62        # Alternate unsalted syntax
     63        alt_encoded = "md5$$%s" % encoded
     64        self.assertTrue(is_password_usable(alt_encoded))
     65        self.assertTrue(check_password(u'letmein', alt_encoded))
     66        self.assertFalse(check_password('letmeinz', alt_encoded))
    6267
    6368    @skipUnless(crypt, "no crypt module to generate password.")
    6469    def test_crypt(self):
Back to Top