Login

Tag "password"

Snippet List

Trigger a user password change

I would like to catch the raw plaintext password if a user created or change his password. First i tried to handle this with signals.post_save at the User class, like this: `dispatcher.connect(update, signal=signals.post_save, sender=User)` The problem is, in the User model exists e.g. 'last_login'. So the save method called every time, the user logged in :( And with post_save i get only the hashed password and not the plaintext source password. I found a simple way to trigger a user password change. I hacked directly into the django.contrib.auth.models.User.set_password() method. See the sourcecode. There exists a discussion in the [django-users thread](http://groups.google.com/group/django-users/browse_thread/thread/7c074e80a9cdcd21/) about this.

  • password
  • user-account
Read More

Use crypt instead of sha1 as password hash algorithm

This snippet uses signals to replace the `contrib.auth.models.User.set_password()` function with one that uses *crypt* instead of *sha1* to hash the password. *Crypt* is of course cryptographically inferior to *sha1*, but this may be useful for interoperability with legacy systems e.g. when sharing a user authentication database with unix, a MTA etc. For some reason the `User` class doesn't emit a `class_prepared` signal, which would otherwise be a better choice here. That's why I had to resort to patching each `User` instance separately. A clean way to deploy this snippet is to place it in the `models.py` of an otherwise empty app, and add the app in `settings.INSTALLED_APPS`. The order of `INSTALLED_APPS` doesn't matter since we're patching instances, not classes.

  • password
  • hash
  • crypt
Read More

New forms signup validation

This snippets provide username availability, double email and password validation. You can use it this way : f = SignupForm(request.POST) f.is_valid()

  • newforms
  • email
  • clean
  • signup
  • password
Read More

18 snippets posted so far.