From 6bd206e1ffcd6f2e16d6f615b6ba992448a149a8 Mon Sep 17 00:00:00 2001 From: Jon Moroney Date: Thu, 14 Jan 2021 07:11:19 +0100 Subject: [PATCH] Refs #31358 -- Added bcrypt password hashers tests for must_update() with salt(). --- tests/auth_tests/test_hashers.py | 18 +++++++++++++++--- 1 file changed, 15 insertions(+), 3 deletions(-) diff --git a/tests/auth_tests/test_hashers.py b/tests/auth_tests/test_hashers.py index 55c436b993a..8cd70d67215 100644 --- a/tests/auth_tests/test_hashers.py +++ b/tests/auth_tests/test_hashers.py @@ -3,9 +3,9 @@ from unittest import mock, skipUnless from django.conf.global_settings import PASSWORD_HASHERS from django.contrib.auth.hashers import ( UNUSABLE_PASSWORD_PREFIX, UNUSABLE_PASSWORD_SUFFIX_LENGTH, - BasePasswordHasher, PBKDF2PasswordHasher, PBKDF2SHA1PasswordHasher, - check_password, get_hasher, identify_hasher, is_password_usable, - make_password, + BasePasswordHasher, BCryptPasswordHasher, BCryptSHA256PasswordHasher, + PBKDF2PasswordHasher, PBKDF2SHA1PasswordHasher, check_password, get_hasher, + identify_hasher, is_password_usable, make_password, ) from django.test import SimpleTestCase from django.test.utils import override_settings @@ -305,6 +305,18 @@ class TestUtilsHashPass(SimpleTestCase): self.assertEqual(encoded, 'pbkdf2_sha1$260000$seasalt2$wAibXvW6jgvatCdONi6SMJ6q7mI=') self.assertTrue(hasher.verify('lètmein', encoded)) + @skipUnless(bcrypt, 'bcrypt not installed') + def test_bcrypt_salt_check(self): + hasher = BCryptPasswordHasher() + encoded = hasher.encode('lètmein', hasher.salt()) + self.assertIs(hasher.must_update(encoded), False) + + @skipUnless(bcrypt, 'bcrypt not installed') + def test_bcryptsha256_salt_check(self): + hasher = BCryptSHA256PasswordHasher() + encoded = hasher.encode('lètmein', hasher.salt()) + self.assertIs(hasher.must_update(encoded), False) + @override_settings( PASSWORD_HASHERS=[ 'django.contrib.auth.hashers.PBKDF2PasswordHasher',