Refs #31358 -- Added constant for get_random_string()'s default alphabet.

Florian Apolloner 2021-01-13 20:40:40 +01:00 committed by Mariusz Felisiak
parent 9204485396
commit 64cc9dcdad
2 changed files with 6 additions and 8 deletions


@ -10,7 +10,7 @@ from django.core.exceptions import ImproperlyConfigured
from django.core.signals import setting_changed
from django.dispatch import receiver
from django.utils.crypto import (
constant_time_compare, get_random_string, pbkdf2,
RANDOM_STRING_CHARS, constant_time_compare, get_random_string, pbkdf2,
)
from django.utils.module_loading import import_string
from django.utils.translation import gettext_noop as _
@ -190,8 +190,8 @@ class BasePasswordHasher:
def salt(self):
"""Generate a cryptographically secure nonce salt in ASCII."""
# 12 returns a 71-bit value, log_2((26+26+10)^12) =~ 71 bits
return get_random_string(12)
# 12 returns a 71-bit value, log_2(len(RANDOM_STRING_CHARS)^12) =~ 71 bits
return get_random_string(12, RANDOM_STRING_CHARS)
def verify(self, password, encoded):
"""Check if the given password is correct."""
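Review bot: The salt length in `salt()` is still the literal 12, which by the comment's own arithmetic gives about 71 bits, below the 128-bit minimum that NIST SP 800-132 states for the randomly generated part of a salt. Now that the alphabet is a named constant, the length could be derived from a target entropy instead of being explained in a comment that has to be kept in sync by hand, e.g. `char_count = math.ceil(128 / math.log2(len(RANDOM_STRING_CHARS)))` followed by `return get_random_string(char_count, RANDOM_STRING_CHARS)`. This needs `import math`, and the file's import block is only partly visible in this hunk. A longer salt also lengthens the encoded hash, so the width of the column that stores it should be checked before changing the length; that is not visible on this page.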


@ -47,14 +47,12 @@ def salted_hmac(key_salt, value, secret=None, *, algorithm='sha1'):
NOT_PROVIDED = object() # RemovedInDjango40Warning.
RANDOM_STRING_CHARS = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789'
# RemovedInDjango40Warning: when the deprecation ends, replace with:
# def get_random_string(length, allowed_chars='...'):
def get_random_string(length=NOT_PROVIDED, allowed_chars=(
'abcdefghijklmnopqrstuvwxyz'
'ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789'
)):
# def get_random_string(length, allowed_chars=RANDOM_STRING_CHARS):
def get_random_string(length=NOT_PROVIDED, allowed_chars=RANDOM_STRING_CHARS):
"""
Return a securely generated random string.
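Review bot: `RANDOM_STRING_CHARS` is added right under `NOT_PROVIDED` (as rendered here), whose trailing comment marks it `RemovedInDjango40Warning`, and the new constant has no comment of its own, so a later deprecation cleanup could mistake it for part of the same removal. The password hasher now imports it for salt generation, so I would set it apart and document it, e.g. `# Default alphabet for get_random_string(): 62 distinct symbols, ~5.95 bits per character.` Stating that the characters are distinct matters because callers that compute entropy from `len(RANDOM_STRING_CHARS)` depend on it. The body of `get_random_string()` continues outside this hunk.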