Jon Moroney
136ec9b62b
Refs #31358 -- Added decode() to password hashers.
...
By convention a hasher which does not use a salt should populate the
decode dict with `None` rather than omit the dict key.
Co-Authored-By: Florian Apolloner <apollo13@users.noreply.github.com>
2020-06-23 08:36:59 +02:00
Florian Apolloner
1621f06051
Fixed #30472 -- Made Argon2PasswordHasher use Argon2id.
2020-06-17 08:10:41 +02:00
Florian Apolloner
ee49cf4f35
Added test for old Argon2i hashes with version attribute.
2020-06-17 08:10:41 +02:00
Mariusz Felisiak
f2187a227f
Increased the default PBKDF2 iterations for Django 3.2.
2020-05-13 09:07:51 +02:00
Hasan Ramezani
8aa71f4e87
Fixed #31375 -- Made contrib.auth.hashers.make_password() accept only bytes or strings.
2020-03-31 10:52:56 +02:00
Hasan Ramezani
b3ab92cc5a
Refs #31375 -- Added test for contrib.auth.hashers.make_password() bytes support.
2020-03-31 10:49:39 +02:00
Hasan Ramezani
579f33eb79
Replaced assertWarns() with SimpleTestCase.assertWarnsMessage() in tests.
2020-01-30 11:19:50 +01:00
Mariusz Felisiak
1960d55f8b
Refs #31040 -- Fixed crypt.crypt() call in test_hashers.py.
...
An empty string is invalid salt in Python 3 and raises exception since
Python 3.9, see https://bugs.python.org/issue38402 .
2020-01-03 07:47:04 +01:00
Carlton Gibson
b5db65c4fb
Increased the default PBKDF2 iterations for Django 3.1.
2019-09-12 17:24:01 +02:00
Tim Graham
06670015f7
Increased the default PBKDF2 iterations for Django 3.0.
2019-01-17 11:15:27 -05:00
Tim Graham
9792af3648
Increased the default PBKDF2 iterations for Django 2.2.
2018-05-17 11:05:45 -04:00
Tim Graham
cae0107287
Increased the default PBKDF2 iterations for Django 2.1.
2018-05-13 20:06:20 -04:00
Tim Graham
a4f0e9aec7
Fixed #28718 -- Allowed user to request a password reset if their password doesn't use an enabled hasher.
...
Regression in aeb1389442
.
Reverted changes to is_password_usable() from
703c266682
and documentation changes from
92f48680db
.
2018-03-22 10:03:43 -04:00
Tim Graham
5b589a47b9
Fixed #29161 -- Removed BCryptPasswordHasher from PASSWORD_HASHERS.
2018-02-26 09:05:18 -05:00
Tim Graham
fa75b2cb51
Refs #27795 -- Removed force_bytes/text() usage in tests.
2018-02-07 14:20:04 -05:00
Mads Jensen
3e72f4b7b6
Completed test coverage for BasePasswordHasher.
2017-09-29 09:28:25 -04:00
Mads Jensen
776f6902d9
Moved BasePasswordHasher tests to its own test case.
2017-09-29 09:28:24 -04:00
Bruno Alla
6092ea8fa6
Refs #27804 -- Used subTest() in several tests.
2017-05-24 08:36:34 -04:00
Tim Graham
1c466994d9
Refs #23919 -- Removed misc Python 2/3 references.
2017-01-25 13:59:25 -05:00
Tim Graham
7aba69145d
Refs #23919 -- Removed django.test.mock Python 2 compatibility shim.
2017-01-20 08:17:20 -05:00
Tim Graham
109b33f64c
Refs #23919 -- Simplified assertRaisesRegex()'s that accounted for Python 2.
2017-01-20 08:49:47 +01:00
Simon Charette
9695b14982
Refs #23919 -- Removed str() conversion of type and method __name__.
2017-01-19 11:31:07 -05:00
Claude Paroz
d7b9aaa366
Refs #23919 -- Removed encoding preambles and future imports
2017-01-18 09:55:19 +01:00
Tim Graham
0bf3228eec
Increased the default PBKDF2 iterations for the 1.11 release cycle.
2017-01-17 20:52:05 -05:00
Tim Graham
b5f0b3478d
Fixed #27579 -- Added aliases for Python 3's assertion names in SimpleTestCase.
2016-12-07 17:42:31 -05:00
za
321e94fa41
Refs #27392 -- Removed "Tests that", "Ensures that", etc. from test docstrings.
2016-11-10 21:30:21 -05:00
Tim Graham
1915a7e5c5
Increased the default PBKDF2 iterations.
2016-05-20 09:19:19 -04:00
Bas Westerbaan
a5033dbc58
Refs #26033 -- Added password hasher support for Argon2 v1.3.
...
The previous version of Argon2 uses encoded hashes of the form:
$argon2d$m=8,t=1,p=1$<salt>$<data>
The new version of Argon2 adds its version into the hash:
$argon2d$v=19$m=8,t=1,p=1$<salt>$<data>
This lets Django handle both version properly.
2016-04-25 21:17:53 -04:00
Tim Graham
92053acbb9
Fixed E128 flake8 warnings in tests/.
2016-04-08 10:12:33 -04:00
Tim Graham
1243fdf5cb
Fixed #26395 -- Skipped the CryptPasswordHasher tests on platforms with a dummy crypt module.
2016-03-22 11:22:21 -04:00
Bas Westerbaan
b4250ea04a
Fixed #26033 -- Added Argon2 password hasher.
2016-03-08 11:22:18 -05:00
Florian Apolloner
67b46ba701
Fixed CVE-2016-2513 -- Fixed user enumeration timing attack during login.
...
This is a security fix.
2016-03-01 11:25:28 -05:00
Tim Graham
47b5a6a43c
Fixed #26187 -- Removed weak password hashers from PASSWORD_HASHERS.
2016-02-22 18:59:23 -05:00
Hasan
3d0dcd7f5a
Refs #26022 -- Used context manager version of assertRaises in tests.
2016-01-29 12:32:18 -05:00
Tim Graham
593c9eb660
Increased the default PBKDF2 iterations for the 1.10 release cycle.
2015-09-23 19:31:11 -04:00
Tim Graham
c21410aeeb
Fixed typo in "pbkdf2" test names.
2015-09-19 20:44:37 -04:00
Tim Graham
7f1168e387
Removed support for Python 3.3.
2015-06-18 08:36:50 -04:00
Tim Graham
b86abbceb9
Fixed #24115 -- Allowed bcrypt hashers to upgrade passwords on rounds change.
...
Thanks Florian Apolloner for the review.
2015-03-30 18:52:59 -04:00
Tim Graham
2d7aca3da0
Moved contrib.auth tests out of contrib.
2015-02-11 10:19:22 -05:00