Преглед на файлове

Fix bcrypt passwords.

master
Nick Sergeant преди 7 години
родител
ревизия
357d1bd638
  1. 1
      .gitignore
  2. 10
      Makefile
  3. 0
      accounts/management/__init__.py
  4. 0
      accounts/management/commands/__init__.py
  5. 23
      accounts/management/commands/migrate_user_passwords.py
  6. 10
      settings.py

1
.gitignore vendored

@ -10,6 +10,7 @@
settings_local.py
settings_local_server.py
snipt.dump
media/cache
media/css/pro.css

10
Makefile

@ -145,10 +145,20 @@ vagrant:
@$(ssh-vagrant) '$(pm) backfill_api_keys;'
@$(ssh-vagrant) '$(pm) rebuild_index --noinput;'
pulldb:
@ssh nick@snipt.net -p 55555 'sudo su -c "pg_dump snipt|gzip > /tmp/snipt.dump" postgres'
@scp -q -P 55555 nick@snipt.net:/tmp/snipt.dump snipt.dump.gz
@dropdb snipt
@createdb snipt
@cat snipt.dump | gunzip | psql snipt
@cat snipt.dump | psql snipt
@rm snipt.dump snipt.dump.gz
.PHONY: assets, \
db, \
deploy, \
deploy-heroku, \
pulldb, \
provision-server, \
provision-vagrant, \
salt-server, \

0
accounts/management/__init__.py

0
accounts/management/commands/__init__.py

23
accounts/management/commands/migrate_user_passwords.py

@ -0,0 +1,23 @@
#!/usr/bin/env python
from django.contrib.auth.models import User
from django.core.management.base import BaseCommand
class Command(BaseCommand):
help = u"Convert user passwords to use built-in Django bcrypt."
def handle(self, *args, **options):
users = User.objects.all()
self.stdout.write(u"Updating %s user passwords..." % users.count())
for user in users:
if user.password[0:3] == 'bc$':
pw = user.password
new_password = pw[0:3].replace('bc$', 'bcrypt$') + pw[3:]
user.password = new_password
user.save()
self.stdout.write(u"User passwords migrated successfully.")

10
settings.py

@ -48,6 +48,15 @@ MANAGERS = ADMINS
MEDIA_ROOT = os.path.join(BASE_PATH, 'media/uploads')
MEDIA_URL = '/media/uploads/'
MESSAGE_STORAGE = 'django.contrib.messages.storage.cookie.CookieStorage'
PASSWORD_HASHERS = (
'django.contrib.auth.hashers.BCryptPasswordHasher',
'django.contrib.auth.hashers.BCryptSHA256PasswordHasher',
'django.contrib.auth.hashers.PBKDF2PasswordHasher',
'django.contrib.auth.hashers.PBKDF2SHA1PasswordHasher',
'django.contrib.auth.hashers.SHA1PasswordHasher',
'django.contrib.auth.hashers.MD5PasswordHasher',
'django.contrib.auth.hashers.CryptPasswordHasher',
)
POSTMARK_API_KEY = os.environ.get('POSTMARK_API_KEY', '')
PROJECT_PATH = os.path.abspath(os.path.dirname(__file__))
RAVEN_CONFIG = {'dsn': os.environ.get('RAVEN_CONFIG_DSN', '')}
@ -88,7 +97,6 @@ INSTALLED_APPS = (
'django.contrib.sessions',
'django.contrib.sites',
'django.contrib.staticfiles',
'django_bcrypt',
'gunicorn',
'haystack',
'markdown_deux',

Зареждане…
Отказ
Запис