Ticket #8647: models.py.diff

File models.py.diff, 1.7 KB (added by sammyrulez, 6 years ago)
  • .py

    old new  
    77from django.db.models.manager import EmptyManager
    88from django.contrib.contenttypes.models import ContentType
    99from django.utils.encoding import smart_str
    10 from django.utils.hashcompat import md5_constructor, sha_constructor
     10from django.utils.hashcompat import md5_constructor, sha_constructor, sha256_constructor
    1111from django.utils.translation import ugettext_lazy as _
    1212
    1313UNUSABLE_PASSWORD = '!' # This will never be a valid hash
     
    3434        return md5_constructor(salt + raw_password).hexdigest()
    3535    elif algorithm == 'sha1':
    3636        return sha_constructor(salt + raw_password).hexdigest()
     37    elif algorithm == 'sha256':
     38        from django.conf import settings
     39        salt = salt + settings.SECRET_KEY
     40        return sha256_constructor(salt + raw_password).hexdigest()
    3741    raise ValueError("Got unknown password algorithm type in password.")
    3842
    3943def check_password(raw_password, enc_password):
     
    4246    encryption formats behind the scenes.
    4347    """
    4448    algo, salt, hsh = enc_password.split('$')
     49   
    4550    return hsh == get_hexdigest(algo, salt, raw_password)
    4651
    4752class SiteProfileNotAvailable(Exception):
     
    165170
    166171    def set_password(self, raw_password):
    167172        import random
    168         algo = 'sha1'
     173        algo = 'sha256'
    169174        salt = get_hexdigest(algo, str(random.random()), str(random.random()))[:5]
    170175        hsh = get_hexdigest(algo, salt, raw_password)
    171176        self.password = '%s$%s$%s' % (algo, salt, hsh)
Back to Top