Merge f9ca323 into 6bdcd29

pallets-eco · Jul 30, 2014 · 8b67167 · 8b67167
2 parents 6bdcd29 + f9ca323
commit 8b67167
Show file tree

Hide file tree

Showing 3 changed files with 17 additions and 3 deletions.
diff --git a/flask_security/core.py b/flask_security/core.py
@@ -38,6 +38,7 @@
     'FLASH_MESSAGES': True,
     'PASSWORD_HASH': 'plaintext',
     'PASSWORD_SALT': None,
+    'PASSWORD_NO_SALT': False,
     'LOGIN_URL': '/login',
     'LOGOUT_URL': '/logout',
     'REGISTER_URL': '/register',
@@ -266,7 +267,6 @@ def _get_state(app, datastore, **kwargs):
         datastore=datastore,
         login_manager=_get_login_manager(app),
         principal=_get_principal(app),
-        pwd_context=_get_pwd_context(app),
         remember_token_serializer=_get_serializer(app, 'remember'),
         login_serializer=_get_serializer(app, 'login'),
         reset_serializer=_get_serializer(app, 'reset'),
@@ -395,7 +395,8 @@ def init_app(self, app, datastore=None, register_blueprint=True,
                  login_form=None, confirm_register_form=None,
                  register_form=None, forgot_password_form=None,
                  reset_password_form=None, change_password_form=None,
-                 send_confirmation_form=None, passwordless_login_form=None):
+                 send_confirmation_form=None, passwordless_login_form=None,
+                 pwd_context=None):
         """Initializes the Flask-Security extension for the specified
         application and datastore implentation.
 
@@ -421,7 +422,8 @@ def init_app(self, app, datastore=None, register_blueprint=True,
                            reset_password_form=reset_password_form,
                            change_password_form=change_password_form,
                            send_confirmation_form=send_confirmation_form,
-                           passwordless_login_form=passwordless_login_form)
+                           passwordless_login_form=passwordless_login_form,
+                           pwd_context=pwd_context or _get_pwd_context(app))
 
         if register_blueprint:
             app.register_blueprint(create_blueprint(state, __name__))

diff --git a/flask_security/utils.py b/flask_security/utils.py
@@ -101,6 +101,9 @@ def get_hmac(password):
     """
     salt = _security.password_salt
 
+    if salt is None and _security.password_no_salt:
+        return password
+
     if salt is None:
         raise RuntimeError(
             'The configuration value `SECURITY_PASSWORD_SALT` must '

diff --git a/tests/test_hashing.py b/tests/test_hashing.py
@@ -36,3 +36,12 @@ def test_missing_hash_salt_option(app, sqlalchemy_datastore):
         init_app_with_options(app, sqlalchemy_datastore, **{
             'SECURITY_PASSWORD_HASH': 'bcrypt',
         })
+
+
+def test_missing_hash_salt_with_no_salt_option(app, sqlalchemy_datastore):
+    init_app_with_options(app, sqlalchemy_datastore, **{
+        'SECURITY_PASSWORD_HASH': 'bcrypt',
+        'SECURITY_PASSWORD_NO_SALT': True,
+    })
+    with app.app_context():
+        assert verify_password('pass', encrypt_password('pass'))