Skip to content
This repository has been archived by the owner on Jan 25, 2018. It is now read-only.

Commit

Permalink
Do not default to py-bcrypt because it is hard to install and configu…
Browse files Browse the repository at this point in the history 
…re. Default to SHA512 and strongly suggest bcrypt instead. Closes issue #41.
  • Loading branch information
Fred Wenzel committed Jun 10, 2011
1 parent adc50d9 commit 9908571
Show file tree
Hide file tree
Showing 2 changed files with 18 additions and 6 deletions.
12 changes: 6 additions & 6 deletions settings.py
View file
Expand Up @@ -55,9 +55,9 @@

## Accepted locales

# On dev instances, the list of accepted locales defaults to the contents of
# the `locale` directory. A localizer can add their locale in the l10n
# repository (copy of which is checked out into `locale`) in order to start
# On dev instances, the list of accepted locales defaults to the contents of
# the `locale` directory. A localizer can add their locale in the l10n
# repository (copy of which is checked out into `locale`) in order to start
# testing the localization on the dev server.
try:
DEV_LANGUAGES = [
Expand All @@ -67,7 +67,7 @@
except OSError:
DEV_LANGUAGES = ('en-US',)

# On stage/prod, the list of accepted locales is manually maintained. Only
# On stage/prod, the list of accepted locales is manually maintained. Only
# locales whose localizers have signed off on their work should be listed here.
PROD_LANGUAGES = (
'en-US',
Expand Down Expand Up @@ -250,8 +250,8 @@ def JINJA_CONFIG():
JAVA_BIN = '/usr/bin/java'

## Auth
PWD_ALGORITHM = 'bcrypt'
HMAC_KEYS = {
PWD_ALGORITHM = 'sha512' # recommended: 'bcrypt'
HMAC_KEYS = { # for bcrypt only
#'2011-01-01': 'cheesecake',
}

Expand Down
12 changes: 12 additions & 0 deletions settings_local.py-dist
View file
Expand Up @@ -20,6 +20,9 @@ DATABASES = {
'TEST_CHARSET': 'utf8',
'TEST_COLLATION': 'utf8_general_ci',
},
# 'slave': {
# ...
# },
}

# Recipients of traceback emails and other notifications.
Expand All @@ -35,3 +38,12 @@ DEBUG = TEMPLATE_DEBUG = True
# Is this a development instance? Set this to True on development/master
# instances and False on stage/prod.
DEV = True

# Playdoh ships with sha512 password hashing by default. Bcrypt+HMAC is safer,
# so it is recommended. Please read <https://github.com/fwenzel/django-sha2#readme>,
# then switch this to bcrypt and pick a secret HMAC key for your application.
#PWD_ALGORITHM = 'bcrypt'
#HMAC_KEYS = { # for bcrypt only
# '2011-01-01': 'cheesecake',
#}

0 comments on commit 9908571

Please sign in to comment.