summaryrefslogtreecommitdiff
path: root/docs
diff options
context:
space:
mode:
authorJannis Leidel <jannis@leidel.info>2011-06-26 16:51:46 +0000
committerJannis Leidel <jannis@leidel.info>2011-06-26 16:51:46 +0000
commit4a1033898636f8c2cafc74c7934fdf7411716fdf (patch)
tree58721ca641a921aeaac227bd14cd611b11e1f6c9 /docs
parent2619dc828510cf36791fcf87705d2f9ce3176c86 (diff)
Fixed #14390 and #16262 -- Moved password related functions from auth models to utils module and stopped check_password from throwing an exception. Thanks, subsume and lrekucki.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16456 bcc190cf-cafb-0310-a4f2-bffc1f526a37
Diffstat (limited to 'docs')
-rw-r--r--docs/releases/1.4.txt5
-rw-r--r--docs/topics/auth.txt37
2 files changed, 36 insertions, 6 deletions
diff --git a/docs/releases/1.4.txt b/docs/releases/1.4.txt
index 0635ecefee..acaf3bf5f3 100644
--- a/docs/releases/1.4.txt
+++ b/docs/releases/1.4.txt
@@ -192,6 +192,11 @@ Django 1.4 also includes several smaller improvements worth noting:
* In the documentation, a helpful :doc:`security overview </topics/security>`
page.
+* Function :func:`django.contrib.auth.models.check_password` has been moved
+ to the :mod:`django.contrib.auth.utils` module. Importing it from the old
+ location will still work, but you should update your imports.
+
+
.. _backwards-incompatible-changes-1.4:
Backwards incompatible changes in 1.4
diff --git a/docs/topics/auth.txt b/docs/topics/auth.txt
index e7f606b3d0..c1947f61e1 100644
--- a/docs/topics/auth.txt
+++ b/docs/topics/auth.txt
@@ -627,19 +627,44 @@ Django provides two functions in :mod:`django.contrib.auth`:
.. _backends documentation: #other-authentication-sources
-Manually checking a user's password
+Manually managing a user's password
-----------------------------------
-.. currentmodule:: django.contrib.auth.models
+.. currentmodule:: django.contrib.auth.utils
+
+.. versionadded:: 1.4
+
+ The :mod:`django.contrib.auth.utils` module provides a set of functions
+ to create and validate hashed password. You can use them independently
+ from the ``User`` model.
.. function:: check_password()
If you'd like to manually authenticate a user by comparing a plain-text
password to the hashed password in the database, use the convenience
- function :func:`django.contrib.auth.models.check_password`. It takes two
- arguments: the plain-text password to check, and the full value of a user's
- ``password`` field in the database to check against, and returns ``True``
- if they match, ``False`` otherwise.
+ function :func:`django.contrib.auth.utils.check_password`. It takes two
+ arguments: the plain-text password to check, and the full value of a
+ user's ``password`` field in the database to check against, and returns
+ ``True`` if they match, ``False`` otherwise.
+
+.. function:: make_password()
+
+ .. versionadded:: 1.4
+
+ Creates a hashed password in the format used by this application. It takes
+ two arguments: hashing algorithm to use and the password in plain-text.
+ Currently supported algorithms are: ``'sha1'``, ``'md5'`` and ``'crypt'``
+ if you have the ``crypt`` library installed. If the second argument is
+ ``None``, an unusable password is returned (a one that will be never
+ accepted by :func:`django.contrib.auth.utils.check_password`).
+
+.. function:: is_password_usable()
+
+ .. versionadded:: 1.4
+
+ Checks if the given string is a hashed password that has a chance
+ of being verified against :func:`django.contrib.auth.utils.check_password`.
+
How to log a user out
---------------------