diff options
| author | Donald Stufft <donald@stufft.io> | 2013-05-11 10:53:18 -0700 |
|---|---|---|
| committer | Donald Stufft <donald@stufft.io> | 2013-05-11 10:53:18 -0700 |
| commit | 11c7ec79938493c2123bad4aa155a2bde251fe62 (patch) | |
| tree | e637f56da72880c9fa01207eaac6bec0e392289f | |
| parent | 2bf403ecbd958bfb269794b36e61b69f0aede4cf (diff) | |
| parent | 3070e8f711f891aa3bf6e9d1e123047094bf1bb0 (diff) | |
Merge pull request #1052 from dstufft/bcrypt-python3
BCrypt on Python3
| -rw-r--r-- | django/contrib/auth/hashers.py | 7 |
1 files changed, 5 insertions, 2 deletions
diff --git a/django/contrib/auth/hashers.py b/django/contrib/auth/hashers.py index 092cccedde..2e0fb0a034 100644 --- a/django/contrib/auth/hashers.py +++ b/django/contrib/auth/hashers.py @@ -9,7 +9,7 @@ from django.conf import settings from django.test.signals import setting_changed from django.utils import importlib from django.utils.datastructures import SortedDict -from django.utils.encoding import force_bytes, force_str +from django.utils.encoding import force_bytes, force_str, force_text from django.core.exceptions import ImproperlyConfigured from django.utils.crypto import ( pbkdf2, constant_time_compare, get_random_string) @@ -291,7 +291,7 @@ class BCryptSHA256PasswordHasher(BasePasswordHasher): password = force_bytes(password) data = bcrypt.hashpw(password, salt) - return "%s$%s" % (self.algorithm, data) + return "%s$%s" % (self.algorithm, force_text(data)) def verify(self, password, encoded): algorithm, data = encoded.split('$', 1) @@ -307,6 +307,9 @@ class BCryptSHA256PasswordHasher(BasePasswordHasher): else: password = force_bytes(password) + # Ensure that our data is a bytestring + data = force_bytes(data) + return constant_time_compare(data, bcrypt.hashpw(password, data)) def safe_summary(self, encoded): |
