summaryrefslogtreecommitdiff
path: root/docs
diff options
context:
space:
mode:
authorClaude Paroz <claude@2xlibre.net>2012-04-13 11:40:44 +0000
committerClaude Paroz <claude@2xlibre.net>2012-04-13 11:40:44 +0000
commit2fa8b3f143c37172a9433dcd42a6fe3829280468 (patch)
treeac58388c3ae62ddb1608c278380668d530542a91 /docs
parent3f77b84489a73fd60949d3e72b6229d82ec16d1b (diff)
[1.4.X] Fixed #18118 -- Improved documentation for contrib.auth.hashers utility functions. Thanks Mathieu Agopian for the report and Ramiro Morales for the review.
Backport of r17905 from trunk. git-svn-id: http://code.djangoproject.com/svn/django/branches/releases/1.4.X@17906 bcc190cf-cafb-0310-a4f2-bffc1f526a37
Diffstat (limited to 'docs')
-rw-r--r--docs/topics/auth.txt18
1 files changed, 12 insertions, 6 deletions
diff --git a/docs/topics/auth.txt b/docs/topics/auth.txt
index 1e73abd5a1..1b97c68791 100644
--- a/docs/topics/auth.txt
+++ b/docs/topics/auth.txt
@@ -427,6 +427,8 @@ checking passwords stored with PBKDF2SHA1, bcrypt_, SHA1_, etc. The next few
sections describe a couple of common ways advanced users may want to modify this
setting.
+.. _bcrypt_usage:
+
Using bcrypt with Django
~~~~~~~~~~~~~~~~~~~~~~~~
@@ -772,7 +774,7 @@ Manually managing a user's password
to create and validate hashed password. You can use them independently
from the ``User`` model.
-.. function:: check_password()
+.. function:: check_password(password, encoded)
.. versionadded:: 1.4
@@ -783,18 +785,22 @@ Manually managing a user's password
user's ``password`` field in the database to check against, and returns
``True`` if they match, ``False`` otherwise.
-.. function:: make_password()
+.. function:: make_password(password[, salt, hashers])
.. versionadded:: 1.4
Creates a hashed password in the format used by this application. It takes
- two arguments: hashing algorithm to use and the password in plain-text.
- Currently supported algorithms are: ``'sha1'``, ``'md5'`` and ``'crypt'``
- if you have the ``crypt`` library installed. If the second argument is
+ one mandatory argument: the password in plain-text. Optionally, you can
+ provide a salt and a hashing algorithm to use, if you don't want to use the
+ defaults (first entry of ``PASSWORD_HASHERS`` setting).
+ Currently supported algorithms are: ``'pbkdf2_sha256'``, ``'pbkdf2_sha1'``,
+ ``'bcrypt'`` (see :ref:`bcrypt_usage`), ``'sha1'``, ``'md5'``,
+ ``'unsalted_md5'`` (only for backward compatibility) and ``'crypt'``
+ if you have the ``crypt`` library installed. If the password argument is
``None``, an unusable password is returned (a one that will be never
accepted by :func:`django.contrib.auth.hashers.check_password`).
-.. function:: is_password_usable()
+.. function:: is_password_usable(encoded_password)
.. versionadded:: 1.4