Code


Version 5 (modified by adrian, 8 years ago) (diff)

--

The Admin Application - Common pitfalls

Creating new users

Passwords

*Note: This is no longer a problem in the Django development version, as of [3520].*

One FAQ about the admin app is how to create new users. In particular how to set the password. It has been decided (and mooted on the lists) that the password field will only accept password hashes rather than plain text password. The problem is how one goes about generating these hashes. The following script will generate passwords on the command line. Run it with: python <scriptname> <password> and you'll get the correct output to paste into the admin app. IMPORTANT SECURITY NOTE: The password will turn up as plain text in your shell history, so take appropriate measures: change permissions, get an administrator you can trust or tweak the script not to use the command line.

import sha, random, sys
try:
    raw_password = sys.argv[1]
except IndexError:
    print "Oh your Designer. You only had to type one thing in. How easy do I have to make it for you?"
    sys.exit()
algo = 'sha1'
salt = sha.new(str(random.random())).hexdigest()[:5]
hsh = sha.new(salt+raw_password).hexdigest()
print "%s$%s$%s" % (algo, salt, hsh)