| 1 | # vim: set ts=8 sw=4 sts=4 et ai tw=79:
|
|---|
| 2 | from django.contrib.auth.hashers import BasePasswordHasher
|
|---|
| 3 |
|
|---|
| 4 |
|
|---|
| 5 | class NoAlgorithmHasher(BasePasswordHasher):
|
|---|
| 6 | """
|
|---|
| 7 | Don't do any password creation. Just make sure the (empty) algorithm is
|
|---|
| 8 | caught when traversing the PASSWORD_HASHERS list.
|
|---|
| 9 |
|
|---|
| 10 | Normal Django passwords look like this:
|
|---|
| 11 |
|
|---|
| 12 | sha1$e8ca1$15bc9...
|
|---|
| 13 |
|
|---|
| 14 | md5crypt passwords look like this:
|
|---|
| 15 |
|
|---|
| 16 | $1$zwoKw2$fE8jKx...
|
|---|
| 17 |
|
|---|
| 18 | The password hashing algorithm is taken from the first string before the
|
|---|
| 19 | dollar sign. This is the empty string in this case.
|
|---|
| 20 |
|
|---|
| 21 | By default that yields the following error when the Django built-in auth
|
|---|
| 22 | traverses the PASSWORD_HASHERS list:
|
|---|
| 23 |
|
|---|
| 24 | ValueError: Unknown password hashing algorithm ''. Did you specify it
|
|---|
| 25 | in the PASSWORD_HASHERS setting?
|
|---|
| 26 |
|
|---|
| 27 | This handles things by always returning false. The other
|
|---|
| 28 | AUTHENTICATION_BACKEND already checked the md5crypt password style, so
|
|---|
| 29 | we're done here.
|
|---|
| 30 | """
|
|---|
| 31 | algorithm = ''
|
|---|
| 32 |
|
|---|
| 33 | def verify(self, password, encoded):
|
|---|
| 34 | return False
|
|---|