def test_check_password_upgrades_new_style_passwords(): user = models.User(username='******') # Generated with passlib.hash.bcrypt.encrypt('foobar', rounds=4, ident='2b') user._password = '******' user.check_password('foobar') assert not password_context.needs_update(user._password)
def test_check_password_only_upgrades_when_password_is_correct(): user = models.User(username='******') user.salt = 'somesalt' # Generated with passlib.hash.bcrypt.encrypt('foobar' + 'somesalt', rounds=10) user._password = '******' user.check_password('donkeys') assert user.salt is not None assert password_context.needs_update(user._password)