From 2a7d9ef23fff757d5aa8052c165cc189819e5ee2 Mon Sep 17 00:00:00 2001 From: Malcolm Tredinnick Date: Wed, 25 Apr 2007 09:34:29 +0000 Subject: [PATCH] Fixed #3316 -- Added support for crypt hashing of passwords, mostly to support easy porting from existing Unix-based legacy apps. Thanks, axiak@mit.edu. git-svn-id: http://code.djangoproject.com/svn/django/trunk@5073 bcc190cf-cafb-0310-a4f2-bffc1f526a37 --- AUTHORS | 1 + django/contrib/auth/models.py | 6 ++++++ docs/authentication.txt | 8 +++++--- 3 files changed, 12 insertions(+), 3 deletions(-) diff --git a/AUTHORS b/AUTHORS index f9eb5d9433..ec8eca8e2d 100644 --- a/AUTHORS +++ b/AUTHORS @@ -49,6 +49,7 @@ answer newbie questions, and generally made Django that much better: ant9000@netwise.it David Ascher Arthur + axiak@mit.edu Jiri Barton Ned Batchelder Shannon -jj Behrens diff --git a/django/contrib/auth/models.py b/django/contrib/auth/models.py index 6fe781a041..9ebef0f524 100644 --- a/django/contrib/auth/models.py +++ b/django/contrib/auth/models.py @@ -17,6 +17,12 @@ def check_password(raw_password, enc_password): elif algo == 'sha1': import sha return hsh == sha.new(salt+raw_password).hexdigest() + elif algo == 'crypt': + try: + import crypt + except ImportError: + raise ValueError, "Crypt password algorithm not supported in this environment." + return hsh == crypt.crypt(raw_password, salt) raise ValueError, "Got unknown password algorithm type in password." class SiteProfileNotAvailable(Exception): diff --git a/docs/authentication.txt b/docs/authentication.txt index f0902fad39..14ca581877 100644 --- a/docs/authentication.txt +++ b/docs/authentication.txt @@ -204,9 +204,11 @@ The ``password`` attribute of a ``User`` object is a string in this format:: That's hashtype, salt and hash, separated by the dollar-sign character. -Hashtype is either ``sha1`` (default) or ``md5`` -- the algorithm used to -perform a one-way hash of the password. Salt is a random string used to salt -the raw password to create the hash. +Hashtype is either ``sha1`` (default), ``md5`` or ``crypt`` -- the algorithm +used to perform a one-way hash of the password. Salt is a random string used +to salt the raw password to create the hash. Note that the ``crypt`` method is +only supported on platforms that have the standard Python ``crypt`` module +available. For example::