Mercurial Repository: p/roundup/code: test/test

comparison test/test_cgi.py @ 4486:693c75d56ebe

Add new config-option 'password_pbkdf2_default_rounds'... ...in 'main' section to configure the default parameter for new password generation. Set this to a higher value on faster systems which want more security. Thanks to Eli Collins for implementing this (see issue2550688). This now passes a config object (default None in which case we fall back to hard-coded parameters) into the password generation routine. This way we can add further parameters for password generation in the future. Also added a small regression test for this new feature.

author	Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
date	Fri, 15 Apr 2011 08:09:59 +0000
parents	95aace124a8e
children	abd2db0a159a

comparison

equal deleted inserted replaced

-:95aace124a8e
+:693c75d56ebe
 self.assertEqual(scheme, pw1.scheme)
 actions.LoginAction(cl).handle()
 pw = self.db.user.get(chef, 'password')
 self.assertEqual(pw, 'foo')
 self.assertEqual(pw, pw1)
+def testPasswordConfigOption(self):
+chef = self.db.user.lookup('Chef')
+form = dict(__login_name='Chef', __login_password='foo')
+cl = self._make_client(form)
+self.db.config.PASSWORD_PBKDF2_DEFAULT_ROUNDS = 1000
+pw1 = password.Password('foo', scheme='crypt')
+self.assertEqual(pw1.needs_migration(), True)
+self.db.user.set(chef, password=pw1)
+self.db.commit()
+actions.LoginAction(cl).handle()
+pw = self.db.user.get(chef, 'password')
+self.assertEqual('PBKDF2', pw.scheme)
+self.assertEqual(1000, password.pbkdf2_unpack(pw.password)[0])
 #
 # Boolean
 #
 def testEmptyBoolean(self):

Mercurial > p > roundup > code

comparison test/test_cgi.py @ 4486:693c75d56ebe