0001-fields-use-django-hashers-to-support-more-hashed-pas.patch
tests/test_form_pages.py | ||
---|---|---|
19 | 19 |
except ImportError: |
20 | 20 |
Image = None |
21 | 21 | |
22 |
from django.contrib.auth.hashers import PBKDF2PasswordHasher |
|
22 | 23 |
from quixote.http_request import Upload as QuixoteUpload |
23 | 24 |
from wcs.qommon.emails import docutils |
24 | 25 |
from wcs.qommon.form import UploadedFile |
... | ... | |
1937 | 1938 |
formdef = create_formdef() |
1938 | 1939 |
formdef.enable_tracking_codes = True |
1939 | 1940 |
formdef.fields = [fields.PasswordField(id='0', label='password', |
1940 |
formats=['sha1', 'md5', 'cleartext'])] |
|
1941 |
formats=['sha1', 'md5', 'cleartext', 'pbkdf2'])]
|
|
1941 | 1942 |
formdef.store() |
1942 | 1943 |
page = app.get('/test/') |
1943 | 1944 |
formdef.data_class().wipe() |
... | ... | |
1954 | 1955 |
assert formdef.data_class().count() == 1 |
1955 | 1956 |
data_id = formdef.data_class().select()[0].id |
1956 | 1957 |
data = formdef.data_class().get(data_id) |
1957 |
assert data.data == {'0': { |
|
1958 |
'sha1': hashlib.sha1(password).hexdigest(), |
|
1959 |
'md5': hashlib.md5(password).hexdigest(), |
|
1960 |
'cleartext': unicode(password, 'utf-8'), |
|
1961 |
}} |
|
1958 |
assert data.data['0']['sha1'] == hashlib.sha1(password).hexdigest() |
|
1959 |
assert data.data['0']['md5'] == hashlib.md5(password).hexdigest() |
|
1960 |
assert data.data['0']['cleartext'] == unicode(password, 'utf-8') |
|
1961 |
assert PBKDF2PasswordHasher().verify(password, data.data['0']['pbkdf2']) |
|
1962 | 1962 | |
1963 | 1963 |
def test_form_password_field_submit(pub): |
1964 | 1964 |
user = create_user(pub) |
wcs/fields.py | ||
---|---|---|
2301 | 2301 |
formats = [('cleartext', _('Clear text')), |
2302 | 2302 |
('md5', _('MD5')), |
2303 | 2303 |
('sha1', _('SHA1')), |
2304 |
('pbkdf2', _('PBKDF2')), |
|
2304 | 2305 |
] |
2305 | 2306 |
form.add(CheckboxesWidget, 'formats', title=_('Storage formats'), |
2306 | 2307 |
value=self.formats, options=formats, inline=True) |
wcs/qommon/form.py | ||
---|---|---|
66 | 66 |
from django.utils.six import StringIO |
67 | 67 | |
68 | 68 |
from django.conf import settings |
69 |
from django.contrib.auth.hashers import PBKDF2PasswordHasher |
|
69 | 70 |
from django.utils.safestring import mark_safe |
70 | 71 | |
71 | 72 |
from .template import render as render_template, Template, TemplateError |
... | ... | |
2180 | 2181 |
self.get_widget('pwd1').set_error(' '.join(set_errors)) |
2181 | 2182 |
pwd1 = None |
2182 | 2183 | |
2184 |
def make_encoder(cls): |
|
2185 |
hasher = cls() |
|
2186 |
def encoder(password): |
|
2187 |
return hasher.encode(password, hasher.salt()) |
|
2188 |
return encoder |
|
2189 | ||
2183 | 2190 |
PASSWORD_FORMATS = { |
2184 | 2191 |
'cleartext': lambda x: x, |
2185 | 2192 |
'md5': lambda x: hashlib.md5(x).hexdigest(), |
2186 | 2193 |
'sha1': lambda x: hashlib.sha1(x).hexdigest(), |
2194 |
'pbkdf2': make_encoder(PBKDF2PasswordHasher), |
|
2187 | 2195 |
} |
2188 | 2196 | |
2189 | 2197 |
if pwd1: |
2190 |
- |