summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMalcolm Tredinnick <malcolm.tredinnick@gmail.com>2007-04-25 09:34:29 +0000
committerMalcolm Tredinnick <malcolm.tredinnick@gmail.com>2007-04-25 09:34:29 +0000
commit2a7d9ef23fff757d5aa8052c165cc189819e5ee2 (patch)
tree205b1b294f4473a51b0c33ce3dd796d6d56d037d
parent5dfe74f221f2e7c5dc7e5722bb322336c605c7b5 (diff)
Fixed #3316 -- Added support for crypt hashing of passwords, mostly to support
easy porting from existing Unix-based legacy apps. Thanks, axiak@mit.edu. git-svn-id: http://code.djangoproject.com/svn/django/trunk@5073 bcc190cf-cafb-0310-a4f2-bffc1f526a37
-rw-r--r--AUTHORS1
-rw-r--r--django/contrib/auth/models.py6
-rw-r--r--docs/authentication.txt8
3 files changed, 12 insertions, 3 deletions
diff --git a/AUTHORS b/AUTHORS
index f9eb5d9433..ec8eca8e2d 100644
--- a/AUTHORS
+++ b/AUTHORS
@@ -49,6 +49,7 @@ answer newbie questions, and generally made Django that much better:
ant9000@netwise.it
David Ascher <http://ascher.ca/>
Arthur <avandorp@gmail.com>
+ axiak@mit.edu
Jiri Barton
Ned Batchelder <http://www.nedbatchelder.com/>
Shannon -jj Behrens <http://jjinux.blogspot.com/>
diff --git a/django/contrib/auth/models.py b/django/contrib/auth/models.py
index 6fe781a041..9ebef0f524 100644
--- a/django/contrib/auth/models.py
+++ b/django/contrib/auth/models.py
@@ -17,6 +17,12 @@ def check_password(raw_password, enc_password):
elif algo == 'sha1':
import sha
return hsh == sha.new(salt+raw_password).hexdigest()
+ elif algo == 'crypt':
+ try:
+ import crypt
+ except ImportError:
+ raise ValueError, "Crypt password algorithm not supported in this environment."
+ return hsh == crypt.crypt(raw_password, salt)
raise ValueError, "Got unknown password algorithm type in password."
class SiteProfileNotAvailable(Exception):
diff --git a/docs/authentication.txt b/docs/authentication.txt
index f0902fad39..14ca581877 100644
--- a/docs/authentication.txt
+++ b/docs/authentication.txt
@@ -204,9 +204,11 @@ The ``password`` attribute of a ``User`` object is a string in this format::
That's hashtype, salt and hash, separated by the dollar-sign character.
-Hashtype is either ``sha1`` (default) or ``md5`` -- the algorithm used to
-perform a one-way hash of the password. Salt is a random string used to salt
-the raw password to create the hash.
+Hashtype is either ``sha1`` (default), ``md5`` or ``crypt`` -- the algorithm
+used to perform a one-way hash of the password. Salt is a random string used
+to salt the raw password to create the hash. Note that the ``crypt`` method is
+only supported on platforms that have the standard Python ``crypt`` module
+available.
For example::