On 7/12/06, Malcolm Tredinnick <[EMAIL PROTECTED]> wrote:
>
> On Wed, 2006-07-12 at 03:18 +0000, Scott McCracken wrote:
> > I also ran into this problem when trying to create new users in the
> > Django admin interface. According to the Django documentation "We've
> > added extra security to the stored passwords in Django's authentication
> > system. Thanks to a patch from GomoX, passwords are now stored with a
> > salt and use SHA-1 encryption instead of MD5."
> >
> > If anyone could shed some light on a SHA-1 password generator it would
> > be much appreciated. Thanks!
>
> To quote from mail I sent to this list just yesterday:
>
> "To create this string from the raw password, you have to use
> some code like that found in
> django.contrib.auth.models.User.setpassword() (you can't use
> that code precisely, because it is designed to work with a user
> object)."
This is the code from setpassword():
def set_password(self, raw_password):
import sha, random
algo = 'sha1'
salt = sha.new(str(random.random())).hexdigest()[:5]
hsh = sha.new(salt+raw_password).hexdigest()
self.password = '%s$%s$%s' % (algo, salt, hsh)
So whack the following into a script or type it into a interactive session
import sha, random
raw_password = <PUT YOUR PASSWORD HERE (Don't leave it in clear in a
script though)>
algo = 'sha1'
salt = sha.new(str(random.random())).hexdigest()[:5]
hsh = sha.new(salt+raw_password).hexdigest()
print "%s$%s$%s" % (algo, salt, hsh)
Hope that helps,
F.
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Django users" group.
To post to this group, send email to django-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/django-users
-~----------~----~----~----~------~----~------~--~---
