This repository has been archived by the owner on Feb 22, 2024. It is now read-only.
Allow password validation against legacy non-HMAC encrypted passwords. #324
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
If a user goes directly to /login, the value of 'next' is the empty string in the login form. This change updates validate_redirect_url() so that the empty string does not validate, and get_post_action_redirect() will fall through as expected to SECURITY_POST_LOGIN_VIEW.
My new Mac OS 10.9 system doesn't include "mock", and it's required for the test suite to run.
Additional code is required to properly initalize pytest-cache when it's installed into a local egg in the current working directory.
Fix from here:
https://bitbucket.org/hpk42/pytest-cache/issue/8/pytest-cache-plugin-not-loading-when-using
Without this, I get:
.....
running build_ext
usage: setup.py [options] [file_or_dir] [file_or_dir] [...]
setup.py: error: unrecognized arguments: --clearcache
Try passwords first HMACed, then fallback to sans-HMAC if that fails, in order to support legacy encrypted passwords.
Conflicts: flask_security/utils.py
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This is to address #320 where it's difficult to validate against an old password database that hasn't had the passwords HMAC'd before encrypting.