def test_compare(self): from passlib.hash import md5_crypt obj = self.User() obj.password = Password(md5_crypt.encrypt('b')) other = self.User() other.password = Password(md5_crypt.encrypt('b')) # Not sure what to assert here; the test raised an error before. assert obj.password != other.password
def test_check_and_update(self): """ Should be able to compare the plaintext against a deprecated encrypted form and have it auto-update to the preferred version. """ from passlib.hash import md5_crypt obj = self.User() obj.password = Password(md5_crypt.encrypt('b')) assert obj.password.hash.decode('utf8').startswith('$1$') assert obj.password == 'b' assert obj.password.hash.decode('utf8').startswith('$pbkdf2-sha512$')
def test_check_and_update_persist(self): """ When a password is compared, the hash should update if needed to change the algorithm; and, commit to the database. """ from passlib.hash import md5_crypt obj = self.User() obj.password = Password(md5_crypt.encrypt('b')) self.session.add(obj) self.session.commit() assert obj.password.hash.decode('utf8').startswith('$1$') assert obj.password == 'b' self.session.commit() obj = self.session.query(self.User).get(obj.id) assert obj.password.hash.decode('utf8').startswith('$pbkdf2-sha512$') assert obj.password == 'b'