mirror of https://github.com/django/django.git
Refs #31358 -- Added constant for get_random_string()'s default alphabet.
This commit is contained in:
parent
9204485396
commit
64cc9dcdad
|
@ -10,7 +10,7 @@ from django.core.exceptions import ImproperlyConfigured
|
||||||
from django.core.signals import setting_changed
|
from django.core.signals import setting_changed
|
||||||
from django.dispatch import receiver
|
from django.dispatch import receiver
|
||||||
from django.utils.crypto import (
|
from django.utils.crypto import (
|
||||||
constant_time_compare, get_random_string, pbkdf2,
|
RANDOM_STRING_CHARS, constant_time_compare, get_random_string, pbkdf2,
|
||||||
)
|
)
|
||||||
from django.utils.module_loading import import_string
|
from django.utils.module_loading import import_string
|
||||||
from django.utils.translation import gettext_noop as _
|
from django.utils.translation import gettext_noop as _
|
||||||
|
@ -190,8 +190,8 @@ class BasePasswordHasher:
|
||||||
|
|
||||||
def salt(self):
|
def salt(self):
|
||||||
"""Generate a cryptographically secure nonce salt in ASCII."""
|
"""Generate a cryptographically secure nonce salt in ASCII."""
|
||||||
# 12 returns a 71-bit value, log_2((26+26+10)^12) =~ 71 bits
|
# 12 returns a 71-bit value, log_2(len(RANDOM_STRING_CHARS)^12) =~ 71 bits
|
||||||
return get_random_string(12)
|
return get_random_string(12, RANDOM_STRING_CHARS)
|
||||||
|
|
||||||
def verify(self, password, encoded):
|
def verify(self, password, encoded):
|
||||||
"""Check if the given password is correct."""
|
"""Check if the given password is correct."""
|
||||||
|
|
|
@ -47,14 +47,12 @@ def salted_hmac(key_salt, value, secret=None, *, algorithm='sha1'):
|
||||||
|
|
||||||
|
|
||||||
NOT_PROVIDED = object() # RemovedInDjango40Warning.
|
NOT_PROVIDED = object() # RemovedInDjango40Warning.
|
||||||
|
RANDOM_STRING_CHARS = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789'
|
||||||
|
|
||||||
|
|
||||||
# RemovedInDjango40Warning: when the deprecation ends, replace with:
|
# RemovedInDjango40Warning: when the deprecation ends, replace with:
|
||||||
# def get_random_string(length, allowed_chars='...'):
|
# def get_random_string(length, allowed_chars=RANDOM_STRING_CHARS):
|
||||||
def get_random_string(length=NOT_PROVIDED, allowed_chars=(
|
def get_random_string(length=NOT_PROVIDED, allowed_chars=RANDOM_STRING_CHARS):
|
||||||
'abcdefghijklmnopqrstuvwxyz'
|
|
||||||
'ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789'
|
|
||||||
)):
|
|
||||||
"""
|
"""
|
||||||
Return a securely generated random string.
|
Return a securely generated random string.
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue