@mtigas
Last active December 19, 2015 22:08
Simple subclass of Django PBKDF2PasswordHasher (which uses pbkdf2+sha256) that ups `iterations` to 3x the Django default and adjusts digest to use SHA384 (to fit within the 128 char limit in DB).
from django import VERSION
if (VERSION[0] == 1) and (VERSION[1] >= 4):
    from django.contrib.auth.hashers import PBKDF2PasswordHasher
    import hashlib

    class PBKDF2SHA384PasswordHasher(PBKDF2PasswordHasher):
        # don't use SHA512: growing the `iterations` too much will likely
        # cause name:itr:hash to grow beyond the 128 character limit for
        # the `password` field in DB
        #
        # At default 10,000 iterations, a SHA512 field is 122 characters long,
        # this one is only 97 characters long, leaving us a big margin (extra
        # iterations of factor of 10^30) to continue to grow our iterations size.
        #
        # Also: don't change iteration size here from now on. Built-in
        # `PBKDF2PasswordHasher.iterations` will grow with each version of
        # Django (staying 3x slower than Django's setting) meaning that
        # passwords will stay at constant slowness vs available CPU power as
        # long as we update Django.
        algorithm = "pbkdf2_sha384"
        digest = hashlib.sha384
        iterations = PBKDF2PasswordHasher.iterations * 3
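To check the length claims in the comment above without a Django install, here is an added example (not part of the gist) that re-implements the `algorithm$iterations$salt$base64hash` layout Django's `PBKDF2PasswordHasher.encode` writes, using `hashlib.pbkdf2_hmac`, and measures how much of the 128-character password column each digest uses. The `pbkdf2_sha512` label, the 12-character salt (Django's default salt length) and the password/salt values are assumptions constructed for the demo.

```python
import base64
import hashlib
import hmac

# Label -> hashlib digest name. pbkdf2_sha256 is the label of Django's own
# PBKDF2PasswordHasher, pbkdf2_sha384 is the label from the gist, and
# pbkdf2_sha512 is an assumed label used here only to compare lengths.
DIGESTS = {
    "pbkdf2_sha256": "sha256",
    "pbkdf2_sha384": "sha384",
    "pbkdf2_sha512": "sha512",
}

DB_COLUMN_LIMIT = 128  # max_length of the password column on Django's User model


def encode(password, salt, iterations, algorithm="pbkdf2_sha384"):
    """Produce 'algorithm$iterations$salt$base64hash', the same layout that
    Django's PBKDF2PasswordHasher.encode writes (re-implemented here with
    hashlib.pbkdf2_hmac; the derived key length defaults to the digest size)."""
    if not salt or "$" in salt:
        raise ValueError("salt must be non-empty and must not contain '$'")
    raw = hashlib.pbkdf2_hmac(DIGESTS[algorithm], password.encode("utf-8"),
                              salt.encode("utf-8"), iterations)
    return "%s$%d$%s$%s" % (algorithm, iterations, salt,
                            base64.b64encode(raw).decode("ascii"))


def verify(password, encoded):
    """Re-derive from the parameters stored in the string and compare in
    constant time, so a mismatch does not leak where the strings diverge."""
    algorithm, iterations, salt, _ = encoded.split("$", 3)
    candidate = encode(password, salt, int(iterations), algorithm)
    return hmac.compare_digest(candidate, encoded)


def column_headroom(algorithm, iterations=10000, salt_len=12):
    """Return (encoded_length, spare_chars): how long an encoded password is
    at this iteration count with a 12-character salt, and how many characters
    are left in the column for the iteration count to grow."""
    encoded = encode("x", "a" * salt_len, iterations, algorithm)
    return len(encoded), DB_COLUMN_LIMIT - len(encoded)


if __name__ == "__main__":
    # Constructed demo values; never hard-code real credentials.
    stored = encode("correct horse battery staple", "Zn4qP0v9tL2x", 30000)
    print(stored)
    print(verify("correct horse battery staple", stored))  # True
    for label in DIGESTS:
        print(label, column_headroom(label))
```

At 10,000 iterations the SHA-384 form is 97 characters, which matches the comment in the hasher, and leaves 31 spare characters of iteration-count digits before the column overflows.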
#…
# ===== PASSWORD_HASHERS =====
# NEVER take anything out of this list. You can ADD to this list or REORDER
# this list, but NEVER TAKE ANYTHING OUT.
# Top item is the 'preferred' algorithm -- passwords of other algorithms
# will get converted to this on successful login or password reset. Other items
# allow Django to read other algorithms so that they can be upgraded.
# READ: https://docs.djangoproject.com/en/1.5/topics/auth/passwords/
PASSWORD_HASHERS = (
    'cannonball.core.auth_crypto.PBKDF2SHA384PasswordHasher',
    'django.contrib.auth.hashers.PBKDF2PasswordHasher',
    'django.contrib.auth.hashers.PBKDF2SHA1PasswordHasher',
    'django.contrib.auth.hashers.BCryptPasswordHasher',
    'django.contrib.auth.hashers.SHA1PasswordHasher',  # IF YOU NEED DB TO BE COMPATIBLE WITH DJANGO <1.4, PUT THIS FIRST
    'django.contrib.auth.hashers.MD5PasswordHasher',
    'django.contrib.auth.hashers.CryptPasswordHasher',
)
#…
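The two rules in the comment block (first entry is the upgrade target; never remove an entry) follow from how Django maps a stored hash to a hasher. Here is an added, simplified re-implementation of that lookup (not Django's code and not part of the gist; Django's real `identify_hasher` also special-cases legacy unsalted md5/sha1 strings). The stored hash strings are constructed placeholders, and the preferred iteration count of 30,000 is an assumption (3x the 10,000 default the hasher comment cites).

```python
# Dotted path -> `algorithm` attribute of that hasher class. The Django entries
# use the labels of Django's built-in hashers; the first is the gist's class.
ALGORITHM_OF = {
    "cannonball.core.auth_crypto.PBKDF2SHA384PasswordHasher": "pbkdf2_sha384",
    "django.contrib.auth.hashers.PBKDF2PasswordHasher": "pbkdf2_sha256",
    "django.contrib.auth.hashers.PBKDF2SHA1PasswordHasher": "pbkdf2_sha1",
    "django.contrib.auth.hashers.BCryptPasswordHasher": "bcrypt",
    "django.contrib.auth.hashers.SHA1PasswordHasher": "sha1",
    "django.contrib.auth.hashers.MD5PasswordHasher": "md5",
    "django.contrib.auth.hashers.CryptPasswordHasher": "crypt",
}

# Same order as the settings fragment above.
PASSWORD_HASHERS = (
    "cannonball.core.auth_crypto.PBKDF2SHA384PasswordHasher",
    "django.contrib.auth.hashers.PBKDF2PasswordHasher",
    "django.contrib.auth.hashers.PBKDF2SHA1PasswordHasher",
    "django.contrib.auth.hashers.BCryptPasswordHasher",
    "django.contrib.auth.hashers.SHA1PasswordHasher",
    "django.contrib.auth.hashers.MD5PasswordHasher",
    "django.contrib.auth.hashers.CryptPasswordHasher",
)

PREFERRED_ITERATIONS = 30000  # assumed: 3 x the 10,000 default cited in the gist


def identify_hasher(encoded, password_hashers=PASSWORD_HASHERS):
    """Return the dotted path of the hasher whose label prefixes `encoded`.
    Raises ValueError when no configured hasher can read it, which is what
    every user with that hash type hits if its entry is removed."""
    label = encoded.split("$", 1)[0]
    for path in password_hashers:
        if ALGORITHM_OF.get(path) == label:
            return path
    raise ValueError("no hasher configured for %r; password cannot be verified" % label)


def can_verify(encoded, password_hashers=PASSWORD_HASHERS):
    """True if some entry in the list can read this stored hash at all."""
    try:
        identify_hasher(encoded, password_hashers)
        return True
    except ValueError:
        return False


def needs_rehash(encoded, password_hashers=PASSWORD_HASHERS,
                 preferred_iterations=PREFERRED_ITERATIONS):
    """True when a successful login should re-encode with the first (preferred)
    hasher: the stored hash uses another algorithm, or it is PBKDF2 with an
    iteration count different from the preferred one."""
    path = identify_hasher(encoded, password_hashers)
    if path != password_hashers[0]:
        return True
    if ALGORITHM_OF[path].startswith("pbkdf2_"):
        return int(encoded.split("$", 2)[1]) != preferred_iterations
    return False


if __name__ == "__main__":
    # Constructed stored values; the hash parts are placeholders, not real digests.
    samples = [
        "pbkdf2_sha384$30000$Zn4qP0v9tL2x$" + "A" * 64,
        "pbkdf2_sha256$10000$Zn4qP0v9tL2x$" + "A" * 44,
        "bcrypt$$2a$12$placeholder",
        "sha1$Zn4qP0v9tL2x$placeholder",
    ]
    for s in samples:
        print(identify_hasher(s).rsplit(".", 1)[1], "rehash on login:", needs_rehash(s))
    # Dropping an entry orphans every user still stored with that algorithm.
    trimmed = tuple(p for p in PASSWORD_HASHERS if "BCrypt" not in p)
    print("bcrypt user can still log in after removal:", can_verify(samples[2], trimmed))
```

Reordering the tuple only changes which entry is the upgrade target on next login; removing one makes its users' stored hashes unreadable until they reset their password.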
mtigas commented Jul 29, 2013

inb4 "use bcrypt", "y u no bcrypt", etc:

there are some machines (developers running Windows, test boxes, e-commerce servers) where we could not install python-bcrypt, but needed to use the same authentication data or wanted to use as close to the same configuration as possible for performance/bug testing.
