Password hash iterations not updating.
|Reported by:||jared_mess||Owned by:||nobody|
|Has patch:||yes||Needs documentation:||no|
|Needs tests:||no||Patch needs improvement:||no|
If you follow the steps in the documentation:https://docs.djangoproject.com/en/dev/topics/auth/passwords/ to change the hash iterations through a subclass, the iterations don't update.
This looks like a trivial fix.
In hashers.py, check_password(password, encoded, setter=None, preferred='default'), it calls hasher.must_update instead of preferred.must_update.
*This is my first bug report here. I've read through all the FAQ and searched the bug DB, and couldn't find anything. If I've made a mistake, broke a cardinal rule, please let me know.
Change History (3)
comment:1 Changed 3 years ago by
|Patch needs improvement:||unset|
|Severity:||Normal → Release blocker|
|Triage Stage:||Unreviewed → Accepted|