Snippet List
Password hashing method using the crypt-sha512 algorithm, To be able to generate password compatible with the crypt-sha512 method avaiable in the standard crypt function since glib2.7 and used on modern linux distros. This provides compatibility with programs and systems that use the glibc crypt library for encrypting passwords (such as shadow passwords used by modern Linux distributions) while providing extra security than the regular crypt-sha1 mechanism (available in Django as CryptPasswordHasher)
To use it you just need to add something like this to your django settings file:
---
PASSWORD_HASHERS = [
'utils.hashers.CryptSHA512PasswordHasher',
'django.contrib.auth.hashers.PBKDF2PasswordHasher',
'django.contrib.auth.hashers.PBKDF2SHA1PasswordHasher',
'django.contrib.auth.hashers.BCryptSHA256PasswordHasher',
'django.contrib.auth.hashers.BCryptPasswordHasher',
'django.contrib.auth.hashers.SHA1PasswordHasher',
'django.contrib.auth.hashers.MD5PasswordHasher',
'django.contrib.auth.hashers.UnsaltedSHA1PasswordHasher',
'django.contrib.auth.hashers.UnsaltedMD5PasswordHasher',
'django.contrib.auth.hashers.CryptPasswordHasher',
]
---
You need to keep the standard hashers on the list to be able to convert existing passwords to the new method. The next time a user login after the modification the password will be converted automatically to first hasher on the list.
Thanks mmoreaux for his improvements!!
- password
- hash
- crypt
- sha512
- 1.9
I was trying to create a custom field to use the mysql encrypt() function on some data I wanted to store in the DB. initcrash on IRC pointed me to [this code](https://tracpub.yaco.es/cmsutils/browser/trunk/db/fields.py?rev=66) which I butchered as best as my little brain could. Amazingly enough I got it working (thanks to a couple answers from initcrash).
If anyone can clean this up that would be great. I'm also trying to figure out how I can a) create password reset link in the admin interface for this field without displaying the field or b) decrypt it so that the password field is pre-populated with the decrypted password. Otherwise it is submitting the encrypted string as a new password.
Anyways, I'm only a week or two into Django with no python experience so any suggestions are very welcome.
Hope this helps someone!
- mysql
- crypt
- custom-field
- encrypt()
This snippet uses signals to replace the `contrib.auth.models.User.set_password()` function with one that uses *crypt* instead of *sha1* to hash the password.
*Crypt* is of course cryptographically inferior to *sha1*, but this may be useful for interoperability with legacy systems e.g. when sharing a user authentication database with unix, a MTA etc.
For some reason the `User` class doesn't emit a `class_prepared` signal, which would otherwise be a better choice here. That's why I had to resort to patching each `User` instance separately.
A clean way to deploy this snippet is to place it in the `models.py` of an otherwise empty app, and add the app in `settings.INSTALLED_APPS`. The order of `INSTALLED_APPS` doesn't matter since we're patching instances, not classes.
3 snippets posted so far.