Browse Source

Fix bcrypt passwords.

master
Nick Sergeant 6 years ago
parent
commit
357d1bd638
6 changed files with 43 additions and 1 deletions
  1. +1
    -0
      .gitignore
  2. +10
    -0
      Makefile
  3. +0
    -0
      accounts/management/__init__.py
  4. +0
    -0
      accounts/management/commands/__init__.py
  5. +23
    -0
      accounts/management/commands/migrate_user_passwords.py
  6. +9
    -1
      settings.py

+ 1
- 0
.gitignore View File

@@ -10,6 +10,7 @@

settings_local.py
settings_local_server.py
snipt.dump

media/cache
media/css/pro.css


+ 10
- 0
Makefile View File

@@ -145,10 +145,20 @@ vagrant:
@$(ssh-vagrant) '$(pm) backfill_api_keys;'
@$(ssh-vagrant) '$(pm) rebuild_index --noinput;'

pulldb:
@ssh nick@snipt.net -p 55555 'sudo su -c "pg_dump snipt|gzip > /tmp/snipt.dump" postgres'
@scp -q -P 55555 nick@snipt.net:/tmp/snipt.dump snipt.dump.gz
@dropdb snipt
@createdb snipt
@cat snipt.dump | gunzip | psql snipt
@cat snipt.dump | psql snipt
@rm snipt.dump snipt.dump.gz

.PHONY: assets, \
db, \
deploy, \
deploy-heroku, \
pulldb, \
provision-server, \
provision-vagrant, \
salt-server, \


+ 0
- 0
accounts/management/__init__.py View File


+ 0
- 0
accounts/management/commands/__init__.py View File


+ 23
- 0
accounts/management/commands/migrate_user_passwords.py View File

@@ -0,0 +1,23 @@
#!/usr/bin/env python

from django.contrib.auth.models import User
from django.core.management.base import BaseCommand


class Command(BaseCommand):
help = u"Convert user passwords to use built-in Django bcrypt."

def handle(self, *args, **options):

users = User.objects.all()

self.stdout.write(u"Updating %s user passwords..." % users.count())

for user in users:
if user.password[0:3] == 'bc$':
pw = user.password
new_password = pw[0:3].replace('bc$', 'bcrypt$') + pw[3:]
user.password = new_password
user.save()

self.stdout.write(u"User passwords migrated successfully.")

+ 9
- 1
settings.py View File

@@ -48,6 +48,15 @@ MANAGERS = ADMINS
MEDIA_ROOT = os.path.join(BASE_PATH, 'media/uploads')
MEDIA_URL = '/media/uploads/'
MESSAGE_STORAGE = 'django.contrib.messages.storage.cookie.CookieStorage'
PASSWORD_HASHERS = (
'django.contrib.auth.hashers.BCryptPasswordHasher',
'django.contrib.auth.hashers.BCryptSHA256PasswordHasher',
'django.contrib.auth.hashers.PBKDF2PasswordHasher',
'django.contrib.auth.hashers.PBKDF2SHA1PasswordHasher',
'django.contrib.auth.hashers.SHA1PasswordHasher',
'django.contrib.auth.hashers.MD5PasswordHasher',
'django.contrib.auth.hashers.CryptPasswordHasher',
)
POSTMARK_API_KEY = os.environ.get('POSTMARK_API_KEY', '')
PROJECT_PATH = os.path.abspath(os.path.dirname(__file__))
RAVEN_CONFIG = {'dsn': os.environ.get('RAVEN_CONFIG_DSN', '')}
@@ -88,7 +97,6 @@ INSTALLED_APPS = (
'django.contrib.sessions',
'django.contrib.sites',
'django.contrib.staticfiles',
'django_bcrypt',
'gunicorn',
'haystack',
'markdown_deux',


Loading…
Cancel
Save