Ticket #5600: salt.diff

File salt.diff, 819 bytes (added by Rick van Hattem <Rick.van.Hattem@…>, 7 years ago)

Patch for 10 character salt

  • contrib/auth/models.py

     
    88from django.utils.translation import ugettext_lazy as _
    99import datetime
    1010import urllib
     11import string
    1112
    1213UNUSABLE_PASSWORD = '!' # This will never be a valid hash
     14SALT_CHARACTERS = string.ascii_letters + string.digits
    1315
    1416try:
    1517    set
     
    183185    def set_password(self, raw_password):
    184186        import random
    185187        algo = 'sha1'
    186         salt = get_hexdigest(algo, str(random.random()), str(random.random()))[:5]
     188        salt = ''.join(random.choice(SALT_CHARACTERS) for c in range(10))
    187189        hsh = get_hexdigest(algo, salt, raw_password)
    188190        self.password = '%s$%s$%s' % (algo, salt, hsh)
    189191
Back to Top