Пример #1
0
    def check_password(self, raw_password):
        """
        Check a raw PW against the DB.

        Checks strong hashes, but falls back to built-in hashes as needed.
        Supports automatic upgrading to stronger hashes.
        """
        hashed_with = self.password.split("$", 1)[0]
        if hashed_with == "bcrypt":
            matched = bcrypt_auth.check_password(self, raw_password)
        else:
            matched = check_password_old(self, raw_password)

        # Update password hash in DB if out-of-date hash algorithm is used and
        # auto-upgrading is enabled.
        if matched and getattr(settings, "PWD_REHASH", True) and hashed_with != algo:
            self.set_password(raw_password)
            self.save()

        return matched
Пример #2
0
    def check_password(self, raw_password):
        """
        Check a raw PW against the DB.

        Checks strong hashes, but falls back to built-in hashes as needed.
        Supports automatic upgrading to stronger hashes.
        """
        hashed_with = self.password.split('$', 1)[0]
        if hashed_with == 'bcrypt':
            matched = bcrypt_auth.check_password(self, raw_password)
        else:
            matched = check_password_old(self, raw_password)

        # Update password hash in DB if out-of-date hash algorithm is used and
        # auto-upgrading is enabled.
        if (matched and getattr(settings, 'PWD_REHASH', True)
                and hashed_with != algo):
            self.set_password(raw_password)
            self.save()

        return matched
Пример #3
0
    def check_password(self, raw_password):
        """
        Check a raw PW against the DB.

        Checks strong hashes, but falls back to built-in hashes as needed.
        Supports automatic upgrading to stronger hashes.
        """
        hashed_with = self.password.split('$', 1)[0]
        if hashed_with in ['bcrypt', 'hh'] or \
           hashed_with in get_dynamic_hasher_names(settings.HMAC_KEYS):
            matched = bcrypt_auth.check_password(self, raw_password)
        else:
            matched = check_password_old(self, raw_password)

        # Update password hash in DB if out-of-date hash algorithm is used and
        # auto-upgrading is enabled.
        if (matched and getattr(settings, 'PWD_REHASH', True) and
            hashed_with != algo):
            self.set_password(raw_password)
            self.save()

        return matched
Пример #4
0
 def check_password(self, raw_password):
     if self.password.startswith('bcrypt$'):
         return bcrypt_auth.check_password(self.password, raw_password)
     return check_password_old(self, raw_password)