Mercurial > p > roundup > code
comparison doc/upgrading.txt @ 6626:120b0bb05b6e
issue2551191 - Module deprication PEP 594. crypt
Handle missing crypt module "better" by raising an exception rather
than just silently failing to log in the user when a crypt encoded
password can't be checked.
Update tests and upgrading.txt too.
| author | John Rouillard <rouilj@ieee.org> |
|---|---|
| date | Sun, 20 Mar 2022 00:05:59 -0400 |
| parents | 2eec7a500333 |
| children | 9ca5cbffa0c4 |
comparison
equal
deleted
inserted
replaced
| 6625:a67692d50ede | 6626:120b0bb05b6e |
|---|---|
| 151 template. This can make fixing the error and navigation easier. You | 151 template. This can make fixing the error and navigation easier. You |
| 152 can use the ``_generic.404.html`` template to create a | 152 can use the ``_generic.404.html`` template to create a |
| 153 ``_generic.400.html`` by modifying the title and body text. You can test | 153 ``_generic.400.html`` by modifying the title and body text. You can test |
| 154 the 400 template by appending ``@template=400`` to the url for the | 154 the 400 template by appending ``@template=400`` to the url for the |
| 155 tracker. | 155 tracker. |
| 156 | |
| 157 Change passwords using crypt module (optional) | |
| 158 ---------------------------------------------- | |
| 159 | |
| 160 The crypt module is being removed from the standard library. Any | |
| 161 stored password using crypt encoding will fail to verify once the | |
| 162 crypt module is removed (expected in Python 3.13 see | |
| 163 pep-0594). Automatic migration of passwords (if enabled in config.ini) | |
| 164 re-encrypts old passwords using something other than crypt if a user | |
| 165 logs in using the web interface. | |
| 166 | |
| 167 You can find users with passwords still encrypted using crypt by | |
| 168 running:: | |
| 169 | |
| 170 roundup-admin -i <tracker_home> table password,id,username | |
| 171 | |
| 172 Look for lines starting with ``{CRYPT}``. You can reset the user's | |
| 173 password using:: | |
| 174 | |
| 175 roundup-admin -i <tracker_home> | |
| 176 roundup> set user16 password=somenewpassword | |
| 177 | |
| 178 changing ``16`` to the id in the second column of the table output. | |
| 179 The example uses interactive mode (indicated by the ``roundup>`` | |
| 180 prompt). This prevents the new password from showing up in the output | |
| 181 of ps or shell history. The new password will be encrypted using the | |
| 182 default encryption method (usually pbkdf2). | |
| 156 | 183 |
| 157 Migrating from 2.0.0 to 2.1.0 | 184 Migrating from 2.0.0 to 2.1.0 |
| 158 ============================= | 185 ============================= |
| 159 | 186 |
| 160 Rdbms version change from 5 to 6 (**) | 187 Rdbms version change from 5 to 6 (**) |