From b9632720308b957965ad71120256e594092f05f1 Mon Sep 17 00:00:00 2001
From: Ryan Olson
Date: Tue, 29 Jul 2014 23:29:02 -0600
Subject: [PATCH 1/2] Added option to initialize with custom pwd_context
---
 flask_security/core.py | 8 +++++---
 flask_security/utils.py | 3 +++
 tests/test_hashing.py | 8 ++++++++
 3 files changed, 16 insertions(+), 3 deletions(-)
diff --git a/flask_security/core.py b/flask_security/core.py
index 7e922b47..d1e5ba80 100644
--- a/flask_security/core.py
+++ b/flask_security/core.py
@@ -38,6 +38,7 @@
 'FLASH_MESSAGES': True,
 'PASSWORD_HASH': 'plaintext',
 'PASSWORD_SALT': None,
+ 'PASSWORD_NO_SALT': False,
 'LOGIN_URL': '/login',
 'LOGOUT_URL': '/logout',
 'REGISTER_URL': '/register',
@@ -266,7 +267,6 @@ def _get_state(app, datastore, **kwargs):
 datastore=datastore,
 login_manager=_get_login_manager(app),
 principal=_get_principal(app),
- pwd_context=_get_pwd_context(app),
 remember_token_serializer=_get_serializer(app, 'remember'),
 login_serializer=_get_serializer(app, 'login'),
 reset_serializer=_get_serializer(app, 'reset'),
@@ -395,7 +395,8 @@ def init_app(self, app, datastore=None, register_blueprint=True,
 login_form=None, confirm_register_form=None, register_form=None, forgot_password_form=None, reset_password_form=None, change_password_form=None,
- send_confirmation_form=None, passwordless_login_form=None):
+ send_confirmation_form=None, passwordless_login_form=None,
+ pwd_context=None):
 """Initializes the Flask-Security extension for the specified application and datastore implentation.
@@ -421,7 +422,8 @@ def init_app(self, app, datastore=None, register_blueprint=True,
 reset_password_form=reset_password_form,
 change_password_form=change_password_form,
 send_confirmation_form=send_confirmation_form,
- passwordless_login_form=passwordless_login_form)
+ passwordless_login_form=passwordless_login_form,
+ pwd_context=pwd_context or _get_pwd_context(app))
 if register_blueprint:
 app.register_blueprint(create_blueprint(state, __name__))
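Review bot: The new `'PASSWORD_NO_SALT': False` default in the -38 hunk of core.py carries no comment, and the name reads as if hashes would be stored unsalted. Going by the utils.py change in this patch, the option only skips the `SECURITY_PASSWORD_SALT`-keyed step in `get_hmac`, so per-hash salting is left to whatever scheme `PASSWORD_HASH` selects. A comment such as `# Opt out of the SECURITY_PASSWORD_SALT HMAC step; use only with a self-salting scheme such as bcrypt` would make that explicit, since the default scheme two lines above is `'plaintext'`.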
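Review bot: `init_app` gains a `pwd_context=None` parameter in the -395 hunk, but the docstring that opens on the following context line is not touched by any hunk of this patch, so the parameter is left undocumented. I would add a line like `:param pwd_context: passlib context to use instead of the one built from SECURITY_PASSWORD_HASH`. The docstring continues outside the hunk, so its existing parameter list is not visible here.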
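Review bot: In the -421 hunk, `pwd_context=pwd_context or _get_pwd_context(app)` accepts a caller-supplied context without relating it to `SECURITY_PASSWORD_HASH`, so the configured scheme and the context actually used for hashing can disagree, and any checks inside `_get_pwd_context` (not visible here) are skipped. The `or` also selects on truthiness rather than on whether the argument was given; `pwd_context=pwd_context if pwd_context is not None else _get_pwd_context(app))` states the intent. It would be worth documenting that a custom context must include the configured scheme and should not offer `plaintext` in production. The opening line of this call is outside the hunk.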
diff --git a/flask_security/utils.py b/flask_security/utils.py
index 1fd76149..40bafcd9 100644
--- a/flask_security/utils.py
+++ b/flask_security/utils.py
@@ -101,6 +101,9 @@ def get_hmac(password):
 """
 salt = _security.password_salt
+ if salt is None and _security.password_no_salt:
+ return password
+
 if salt is None:
 raise RuntimeError(
 'The configuration value `SECURITY_PASSWORD_SALT` must '
diff --git a/tests/test_hashing.py b/tests/test_hashing.py
index c698581f..e4e93ed2 100644
--- a/tests/test_hashing.py
+++ b/tests/test_hashing.py
@@ -36,3 +36,11 @@ def test_missing_hash_salt_option(app, sqlalchemy_datastore):
 init_app_with_options(app, sqlalchemy_datastore, **{
 'SECURITY_PASSWORD_HASH': 'bcrypt',
 })
+
+def test_missing_hash_salt_with_no_salt_option(app, sqlalchemy_datastore):
+ init_app_with_options(app, sqlalchemy_datastore, **{
+ 'SECURITY_PASSWORD_HASH': 'bcrypt',
+ 'SECURITY_PASSWORD_NO_SALT': True,
+ })
+ with app.app_context():
+ assert verify_password('pass', encrypt_password('pass'))
From f9ca3239b717f3e0417f182a24fa0f4fd67c4255 Mon Sep 17 00:00:00 2001
From: Ryan Olson
Date: Tue, 29 Jul 2014 23:58:47 -0600
Subject: [PATCH 2/2] added extra blank line to pass PEP8-check
---
 tests/test_hashing.py | 1 +
 1 file changed, 1 insertion(+)
diff --git a/tests/test_hashing.py b/tests/test_hashing.py
index e4e93ed2..218a61d9 100644
--- a/tests/test_hashing.py
+++ b/tests/test_hashing.py
@@ -37,6 +37,7 @@ def test_missing_hash_salt_option(app, sqlalchemy_datastore):
 'SECURITY_PASSWORD_HASH': 'bcrypt',
 })
+
 def test_missing_hash_salt_with_no_salt_option(app, sqlalchemy_datastore):
 init_app_with_options(app, sqlalchemy_datastore, **{
 'SECURITY_PASSWORD_HASH': 'bcrypt',
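Review bot: In `get_hmac` (utils.py, -101 hunk) the added branch returns the password unchanged only when `SECURITY_PASSWORD_SALT` is None, so setting `SECURITY_PASSWORD_NO_SALT` alongside a configured salt has no effect and nothing tells the operator. Judging by the new test, this return value is what `encrypt_password` and `verify_password` work on, so switching the option on an installation that already stores HMAC-based hashes would presumably make those passwords fail verification. A comment such as `# NO_SALT skips the HMAC pre-hash; changing it later invalidates stored hashes` above the branch would record that. The rest of the function is outside the hunk; if the normal path returns an encoded digest, as the name suggests, this branch also returns a different type from it.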
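Review bot: `test_missing_hash_salt_with_no_salt_option` (tests/test_hashing.py, -36 hunk) asserts only that a hash round-trips, which would also pass if the password were stored unhashed or if verification accepted any input. Adding `assert encrypt_password('pass') != 'pass'` and `assert not verify_password('wrong', encrypt_password('pass'))` inside the `app_context()` block would pin that bcrypt is still applied when the HMAC step is skipped. The new `pwd_context` argument to `init_app` has no test in this patch.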