Commit
- Loading branch information
There are no files selected for viewing
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -151,10 +151,15 @@ def lazy_langs(): | |
# Examples: "http://media.lawrence.com", "http://example.com/media/" | ||
MEDIA_URL = '/media/' | ||
|
||
# URL prefix for admin media -- CSS, JavaScript and images. Make sure to use a | ||
# trailing slash. | ||
# Examples: "http://foo.com/media/", "/media/". | ||
ADMIN_MEDIA_PREFIX = '/admin-media/' | ||
# Absolute path to the directory static files should be collected to. | ||
# Don't put anything in this directory yourself; store your static files | ||
# in apps' "static/" subdirectories and in STATICFILES_DIRS. | ||
# Example: "/home/media/media.lawrence.com/static/" | ||
STATIC_ROOT = path('static') | ||
This comment has been minimized.
Sorry, something went wrong.
This comment has been minimized.
Sorry, something went wrong.
rlr
Author
Owner
|
||
|
||
# URL prefix for static files. | ||
# Example: "http://media.lawrence.com/static/" | ||
STATIC_URL = '/static/' | ||
|
||
# Make this unique, and don't share it with anybody. | ||
# Set this in your local settings which is not committed to version control. | ||
|
@@ -227,9 +232,9 @@ def JINJA_CONFIG(): | |
|
||
# Django contrib apps | ||
'django.contrib.auth', | ||
'django_sha2', # Load after auth to monkey-patch it. | ||
'django.contrib.contenttypes', | ||
'django.contrib.sessions', | ||
'django.contrib.staticfiles', | ||
# 'django.contrib.sites', | ||
# 'django.contrib.messages', | ||
# Uncomment the next line to enable the admin: | ||
|
@@ -256,11 +261,20 @@ def JINJA_CONFIG(): | |
SESSION_COOKIE_HTTPONLY = True | ||
|
||
## Auth | ||
PWD_ALGORITHM = 'sha512' # recommended: 'bcrypt' | ||
BASE_PASSWORD_HASHERS = ( | ||
# recommended: 'django_sha2.hashers.BcryptHMACCombinedPasswordVerifier', | ||
'django_sha2.hashers.SHA512PasswordHasher', | ||
'django.contrib.auth.hashers.SHA1PasswordHasher', | ||
'django.contrib.auth.hashers.MD5PasswordHasher', | ||
'django.contrib.auth.hashers.UnsaltedMD5PasswordHasher', | ||
) | ||
This comment has been minimized.
Sorry, something went wrong.
kumar303
|
||
HMAC_KEYS = { # for bcrypt only | ||
#'2011-01-01': 'cheesecake', | ||
} | ||
|
||
from django_sha2 import get_password_hashers | ||
PASSWORD_HASHERS = get_password_hashers(BASE_PASSWORD_HASHERS, HMAC_KEYS) | ||
|
||
## Tests | ||
TEST_RUNNER = 'test_utils.runner.RadicalTestSuiteRunner' | ||
|
||
|
2 comments
on commit 21ea4c1
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
r+wc from me. @peterbe should r too so you guys are in sync on the static files stuff.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
once this lands, the docs should link to the commit in the upgrade section. Mainly this is because people who choose to put an old django in their vendor-local (for compatibility reasons) will also need to adjust their settings for the old password hashing stuff
playdoh will need its update.py script updated to suggest
manage.py collectstatic