From 357d1bd638e922cceea89bc5b9bce029cfa3cb48 Mon Sep 17 00:00:00 2001 From: Nick Sergeant Date: Mon, 12 Oct 2015 12:51:31 -0400 Subject: [PATCH] Fix bcrypt passwords. --- .gitignore | 1 + Makefile | 10 ++++++++ accounts/management/__init__.py | 0 accounts/management/commands/__init__.py | 0 .../commands/migrate_user_passwords.py | 23 +++++++++++++++++++ settings.py | 10 +++++++- 6 files changed, 43 insertions(+), 1 deletion(-) create mode 100644 accounts/management/__init__.py create mode 100644 accounts/management/commands/__init__.py create mode 100644 accounts/management/commands/migrate_user_passwords.py diff --git a/.gitignore b/.gitignore index 8cdc439..e323ee0 100644 --- a/.gitignore +++ b/.gitignore @@ -10,6 +10,7 @@ settings_local.py settings_local_server.py +snipt.dump media/cache media/css/pro.css diff --git a/Makefile b/Makefile index 3df32c3..ca4398d 100644 --- a/Makefile +++ b/Makefile @@ -145,10 +145,20 @@ vagrant: @$(ssh-vagrant) '$(pm) backfill_api_keys;' @$(ssh-vagrant) '$(pm) rebuild_index --noinput;' +pulldb: + @ssh nick@snipt.net -p 55555 'sudo su -c "pg_dump snipt|gzip > /tmp/snipt.dump" postgres' + @scp -q -P 55555 nick@snipt.net:/tmp/snipt.dump snipt.dump.gz + @dropdb snipt + @createdb snipt + @cat snipt.dump | gunzip | psql snipt + @cat snipt.dump | psql snipt + @rm snipt.dump snipt.dump.gz + .PHONY: assets, \ db, \ deploy, \ deploy-heroku, \ + pulldb, \ provision-server, \ provision-vagrant, \ salt-server, \ diff --git a/accounts/management/__init__.py b/accounts/management/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/accounts/management/commands/__init__.py b/accounts/management/commands/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/accounts/management/commands/migrate_user_passwords.py b/accounts/management/commands/migrate_user_passwords.py new file mode 100644 index 0000000..737dcfc --- /dev/null +++ b/accounts/management/commands/migrate_user_passwords.py 
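Review bot: The `pulldb` target stages the full production dump at a fixed path, `/tmp/snipt.dump`, on the server and never deletes it there, so a copy of the database (user password hashes included) stays in a shared directory with whatever permissions the postgres account's umask gives it. Streaming the dump over the SSH session avoids the remote file altogether: `@ssh nick@snipt.net -p 55555 'sudo -u postgres pg_dump snipt | gzip' > snipt.dump.gz`. The local steps also disagree on the filename: `scp` writes `snipt.dump.gz`, but both `cat snipt.dump` lines and the final `rm` expect `snipt.dump`, and `dropdb snipt` has already run by then, so a failed load leaves an empty local database; a single `@gunzip -c snipt.dump.gz | psql snipt` would replace the two `cat` lines.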
@@ -0,0 +1,23 @@
+#!/usr/bin/env python
+
+from django.contrib.auth.models import User
+from django.core.management.base import BaseCommand
+
+
+class Command(BaseCommand):
+ help = u"Convert user passwords to use built-in Django bcrypt."
+
+ def handle(self, *args, **options):
+
+ users = User.objects.all()
+
+ self.stdout.write(u"Updating %s user passwords..." % users.count())
+
+ for user in users:
+ if user.password[0:3] == 'bc$':
+ pw = user.password
+ new_password = pw[0:3].replace('bc$', 'bcrypt$') + pw[3:]
+ user.password = new_password
+ user.save()
+
+ self.stdout.write(u"User passwords migrated successfully.")
diff --git a/settings.py b/settings.py
index 70b4ed6..1f06dd4 100644
--- a/settings.py
+++ b/settings.py
@@ -48,6 +48,15 @@ MANAGERS = ADMINS
 MEDIA_ROOT = os.path.join(BASE_PATH, 'media/uploads')
 MEDIA_URL = '/media/uploads/'
 MESSAGE_STORAGE = 'django.contrib.messages.storage.cookie.CookieStorage'
+PASSWORD_HASHERS = (
+ 'django.contrib.auth.hashers.BCryptPasswordHasher',
+ 'django.contrib.auth.hashers.BCryptSHA256PasswordHasher',
+ 'django.contrib.auth.hashers.PBKDF2PasswordHasher',
+ 'django.contrib.auth.hashers.PBKDF2SHA1PasswordHasher',
+ 'django.contrib.auth.hashers.SHA1PasswordHasher',
+ 'django.contrib.auth.hashers.MD5PasswordHasher',
+ 'django.contrib.auth.hashers.CryptPasswordHasher',
+)
 POSTMARK_API_KEY = os.environ.get('POSTMARK_API_KEY', '')
 PROJECT_PATH = os.path.abspath(os.path.dirname(__file__))
 RAVEN_CONFIG = {'dsn': os.environ.get('RAVEN_CONFIG_DSN', '')}
@@ -88,7 +97,6 @@ INSTALLED_APPS = (
 'django.contrib.sessions',
 'django.contrib.sites',
 'django.contrib.staticfiles',
- 'django_bcrypt',
 'gunicorn',
 'haystack',
 'markdown_deux',
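Review bot: In `handle()` of migrate_user_passwords.py, `user.save()` rewrites every column of each row, so running the command against a live site can overwrite a concurrent change to the same user (for example `last_login`); `user.save(update_fields=['password'])` limits the write to the hash. The loop also loads every user and tests the prefix in Python, and the "Updating %s user passwords..." message counts all users rather than those converted; `users = User.objects.filter(password__startswith='bc$')` addresses both. A short docstring on `handle()` would help the operator: it could state that rows already starting with `bcrypt$` are skipped, so the command is safe to re-run, and that it should run as part of the same deploy that removes `django_bcrypt`, assuming none of the configured hashers recognises the old `bc$` prefix.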
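Review bot: `PASSWORD_HASHERS` in settings.py lists `BCryptPasswordHasher` first, which makes plain bcrypt the hasher for every new and re-hashed password; plain bcrypt ignores input beyond 72 bytes, which is the limitation `BCryptSHA256PasswordHasher` exists to remove. Putting `'django.contrib.auth.hashers.BCryptSHA256PasswordHasher',` first would keep the migrated `bcrypt$` hashes verifiable through the second entry and upgrade them at each user's next login. The trailing `SHA1PasswordHasher`, `MD5PasswordHasher` and `CryptPasswordHasher` entries are only needed if such hashes still exist in the user table, which the diff does not show; a comment saying so, or dropping them, would keep weak formats from being accepted for verification indefinitely.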