Ticket #19799: noalgorithmhasher.py

File noalgorithmhasher.py, 1.0 KB (added by wdoekes, 3 years ago)

Example to go along with fix2.

Line 
1# vim: set ts=8 sw=4 sts=4 et ai tw=79:
2from django.contrib.auth.hashers import BasePasswordHasher
3
4
5class NoAlgorithmHasher(BasePasswordHasher):
6    """
7    Don't do any password creation. Just make sure the (empty) algorithm is
8    caught when traversing the PASSWORD_HASHERS list.
9
10    Normal Django passwords look like this:
11
12        sha1$e8ca1$15bc9...
13
14    md5crypt passwords look like this:
15
16        $1$zwoKw2$fE8jKx...
17
18    The password hashing algorithm is taken from the first string before the
19    dollar sign. This is the empty string in this case.
20
21    By default that yields the following error when the Django built-in auth
22    traverses the PASSWORD_HASHERS list:
23
24        ValueError: Unknown password hashing algorithm ''. Did you specify it
25        in the PASSWORD_HASHERS setting?
26
27    This handles things by always returning false. The other
28    AUTHENTICATION_BACKEND already checked the md5crypt password style, so
29    we're done here.
30    """
31    algorithm = ''
32
33    def verify(self, password, encoded):
34        return False
Back to Top