relocate algorithm identification code to hashers module
|Reported by:||Owned by:||nobody|
|Cc:||Triage Stage:||Ready for checkin|
|Has patch:||yes||Needs documentation:||no|
|Needs tests:||no||Patch needs improvement:||no|
Pretty much all the code for manipulating password hashes has been moved to the
contrib.auth.hashers module. I noticed that the one exception to this is a small bit of code in
contrib.auth.forms:ReadOnlyPasswordHashWidget, which extracts the algorithm name from the encoded password hash, and then calls
The attached patch moves this code to a new function,
contrib.auth.hashers:identify_hasher, and adds unittests for it.
This is pretty much a cosmetic change to the existing code, but for various third-party projects which monkeypatch
contrib.auth to handle foreign password hashes (especially ones that don't use the alg$salt$hash format), this patch gives them a single function to patch so that password hashes can be identified correctly.
I know this might not have enough benefit to Django itself to be worth including in the main codebase, but I thought I'd work up the patch anyways.
Change History (5)
comment:1 Changed 4 years ago by
|Patch needs improvement:||unset|
|Triage Stage:||Unreviewed → Accepted|