diff roundup/cgi/actions.py @ 4486:693c75d56ebe

Add new config-option 'password_pbkdf2_default_rounds' in 'main' section to configure the default parameter for new password generation. Set this to a higher value on faster systems which want more security. Thanks to Eli Collins for implementing this (see issue2550688). This now passes a config object (default None, in which case we fall back to hard-coded parameters) into the password generation routine. This way we can add further parameters for password generation in the future. Also added a small regression test for this new feature.
author Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
date Fri, 15 Apr 2011 08:09:59 +0000
parents 52e13bf0bb40
children abd2db0a159a
--- a/roundup/cgi/actions.py	Thu Apr 14 18:27:51 2011 +0000
+++ b/roundup/cgi/actions.py	Fri Apr 15 08:09:59 2011 +0000
@@ -353,7 +353,7 @@
                     if isinstance(prop, hyperdb.Multilink):
                         value = value.split(':')
                     elif isinstance(prop, hyperdb.Password):
-                        value = password.Password(value)
+                        value = password.Password(value, config=self.db.config)
                     elif isinstance(prop, hyperdb.Interval):
                         value = date.Interval(value)
                     elif isinstance(prop, hyperdb.Date):
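Review bot: Passing `config=self.db.config` by keyword here, and again in the two later hunks, leaves the hard-coded fallback in place for any caller that omits it, so a `password.Password(...)` call site this commit does not touch would keep hashing with the built-in round count without any signal. The commit description says the default is `None` with a fallback; other modules are not visible here, so it is worth searching for remaining one-argument calls. A short comment at this line would help, for example `# hash with the tracker's configured PBKDF2 rounds, not the built-in default`. The enclosing method starts and ends outside the hunk.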
@@ -711,7 +711,7 @@
             # XXX we need to make the "default" page be able to display errors!
             try:
                 # set the password
-                cl.set(uid, password=password.Password(newpw))
+                cl.set(uid, password=password.Password(newpw, config=self.db.config))
                 # clear the props from the otk database
                 otks.destroy(otk)
                 self.db.commit()
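Review bot: The new `cl.set(...)` line runs to about 85 columns, while the same change in the `@@ -1013` hunk is split over two statements. Writing it the same way keeps the file consistent: `pw = password.Password(newpw, config=self.db.config)` followed by `cl.set(uid, password=pw)`. The try block continues outside the hunk.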
@@ -1013,7 +1013,8 @@
         stored = db.user.get(userid, 'password')
         if givenpw == stored:
             if db.config.WEB_MIGRATE_PASSWORDS and stored.needs_migration():
-                db.user.set(userid, password=password.Password(givenpw))
+                newpw = password.Password(givenpw, config=db.config)
+                db.user.set(userid, password=newpw)
                 db.commit()
             return 1
         if not givenpw and not stored:
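Review bot: `stored.needs_migration()` is still called without the config, so the re-hash on login is presumably triggered only by the stored scheme and not by its round count. If so, raising `password_pbkdf2_default_rounds` strengthens new and migrated passwords but leaves existing PBKDF2 hashes at their old, lower round count until the user changes the password. needs_migration is defined outside this file, so this should be confirmed there; if it holds, consider letting it compare the stored rounds with the configured value, or at least note the limit in a comment such as `# only re-hashes on scheme change; existing PBKDF2 rounds are not upgraded`. The function body starts and ends outside the hunk.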
