comparison test/test_cgi.py @ 4484:52e13bf0bb40

Add new config-option 'migrate_passwords' in section 'web'... ...to auto-migrate passwords at web-login time. Default for the new option is "yes" so if you don't want that passwords are auto-migrated to a more secure password scheme on user login, set this to "no" before running your tracker(s) after the upgrade.
author Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
date Thu, 14 Apr 2011 18:10:58 +0000
parents 17f796a78647
children 95aace124a8e
comparison
equal deleted inserted replaced
4483:22bc0426e348 4484:52e13bf0bb40
422 nodeid = self.db.user.create(username='2', 422 nodeid = self.db.user.create(username='2',
423 password=password.Password('foo')) 423 password=password.Password('foo'))
424 self.assertEqual(self.parseForm({'password': '', 424 self.assertEqual(self.parseForm({'password': '',
425 ':confirm:password': ''}, 'user', nodeid), 425 ':confirm:password': ''}, 'user', nodeid),
426 ({('user', nodeid): {}}, [])) 426 ({('user', nodeid): {}}, []))
427
428 def testPasswordMigration(self):
429 chef = self.db.user.lookup('Chef')
430 form = dict(__login_name='Chef', __login_password='foo')
431 cl = self._make_client(form)
432 # assume that the "best" algorithm is the first one and doesn't
433 # need migration, all others should be migrated.
434 for scheme in password.Password.known_schemes[1:]:
435 pw1 = password.Password('foo', scheme=scheme)
436 self.assertEqual(pw1.needs_migration(), True)
437 self.db.user.set(chef, password=pw1)
438 self.db.commit()
439 actions.LoginAction(cl).handle()
440 pw = self.db.user.get(chef, 'password')
441 self.assertEqual(pw, 'foo')
442 self.assertEqual(pw.needs_migration(), False)
443 pw1 = pw
444 self.assertEqual(pw1.needs_migration(), False)
445 scheme = password.Password.known_schemes[0]
446 self.assertEqual(scheme, pw1.scheme)
447 actions.LoginAction(cl).handle()
448 pw = self.db.user.get(chef, 'password')
449 self.assertEqual(pw, 'foo')
450 self.assertEqual(pw, pw1)
427 451
428 # 452 #
429 # Boolean 453 # Boolean
430 # 454 #
431 def testEmptyBoolean(self): 455 def testEmptyBoolean(self):

Roundup Issue Tracker: http://roundup-tracker.org/