I've had a quick look at the django setup in passlib and the first
impressions are *not* good.

0: I'm not sure why passlib wants to provide django support, django has
password hashing functionality built in.

1: passlib tries to support too many different versions of django,
including django1.0 which was old even in Lenny. That unnecessarily
complicates the code. (passfail also uses it's own internal handling of
the django versions which seems unnecessary.)

2: passlib doesn't handle django as a "typical" django app with no
centralised settings - this makes the move to 1.9 error-prone. Fixing
passlib/tests/test_ext_django.py just reveals that
passlib/tests/test_handlers_django.py gets confused between django
imports for 1.4, 1.6 and gets the wrong result for >> 1.7 which now
fails with 1.9. fuzz_verifier_django tries to import from
django.contrib.auth.models import check_password which has moved into
django.contrib.auth.hashers.

3: It's not clear to me why passlib couldn't be separated into a
passlib and passlib-django upstream (dropping support for all versions
of django prior to 1.6 or 1.7 in the process) to make the whole library
much easier and simpler to handle.

4: passlib also has the python-support dependency which is deprecated:
https://wiki.debian.org/Python/TransitionToDHPython2

I've attached what I've done so far in patch format but there is more
to do.

I now get:
======================================================================
ERROR: test_02_handler_wrapper
(passlib.tests.test_ext_django.DjangoExtensionTest) passlib.ext.django
plugin: test Hasher-compatible handler wrappers
----------------------------------------------------------------------
Traceback (most recent call last): File
"/home/neil/code/debian/qa/passlib/python-passlib-1.6.5/passlib/tests/test_ext_django.py",
line 817, in test_02_handler_wrapper
self.assertEqual(hasher.safe_summary(encoded), File
"/home/neil/code/debian/qa/passlib/python-passlib-1.6.5/passlib/ext/django/utils.py",
line 191, in safe_summary from django.utils.datastructures import
SortedDict ImportError: cannot import name SortedDict

======================================================================
FAIL: test_config (passlib.tests.test_ext_django.DjangoBehaviorTest)
verify django behavior: test hashing interface
----------------------------------------------------------------------
Traceback (most recent call last):
  File
"/home/neil/code/debian/qa/passlib/python-passlib-1.6.5/passlib/tests/test_ext_django.py",
line 668, in test_config self.assert_valid_password(user, hash) File
"/home/neil/code/debian/qa/passlib/python-passlib-1.6.5/passlib/tests/test_ext_django.py",
line 342, in assert_valid_password self.assertEqual(user.password,
hash) AssertionError:
u'pbkdf2_sha256$24000$REJ7eHqQKnLO$E6PL+rR/Jq/B6ue5PdOGt0fihKyAFGTvjt/VTwwI0q8='
 !=
'pbkdf2_sha256$20000$arJ31mmmlSmO$XNBTUKe4UCUGPeHTmXpYjaKmJaDGAsevd0LWvBtzP18='

----------------------------------------------------------------------
Ran 1928 tests in 155.118s

FAILED (failures=1, errors=1, skipped=590)

SortedDict is likely to be simple - the failure in the hashing test and
the number of skipped tests are a bit more of a concern.

-- 


Neil Williams
=============
http://www.linux.codehelp.co.uk/

Description: Hacky first go at django1.9 support

---

--- python-passlib-1.6.5.orig/passlib/tests/test_ext_django.py
+++ python-passlib-1.6.5/passlib/tests/test_ext_django.py
@@ -55,6 +55,7 @@ if has_django:
             settings._target = UserSettingsHolder(global_settings)
     elif not settings.configured:
         settings.configure()
+    settings.INSTALLED_APPS += ['django.contrib.auth', 'django.contrib.contenttypes']
 
 #=============================================================================
 # support funcs
@@ -76,6 +77,8 @@ def update_settings(**kwds):
             setattr(settings, k, v)
 
 if has_django:
+    import django
+    django.setup()
     from django.contrib.auth.models import User
 
     class FakeUser(User):
@@ -96,6 +99,9 @@ if has_django:
             # NOTE: ignoring update_fields for test purposes
             self.saved_passwords.append(self.password)
 
+        class Meta:
+            app_label = 'fakeuser'
+
 def create_mock_setter():
     state = []
     def setter(password):
@@ -381,8 +387,8 @@ class DjangoBehaviorTest(_ExtensionTest)
                 from django.contrib.auth.hashers import identify_hasher
                 has_identify_hasher = True
             hash_hashers = True
-        else:
-            from django.contrib.auth.models import check_password
+#        else:
+#            from django.contrib.auth.models import check_password
 
         #=======================================================
         # make sure extension is configured correctly
--- python-passlib-1.6.5.orig/passlib/tests/test_handlers_django.py
+++ python-passlib-1.6.5/passlib/tests/test_handlers_django.py
@@ -41,7 +41,8 @@ class _DjangoHelper(object):
         min_django_version = max(self.min_django_version, (1,0))
         if DJANGO_VERSION < min_django_version:
             return None
-        from django.contrib.auth.models import check_password
+        # from django.contrib.auth.models import check_password
+        from django.contrib.auth.hashers import check_password
         def verify_django(secret, hash):
             """django/check_password"""
             if (1,4) <= DJANGO_VERSION < (1,6) and not secret:
@@ -63,7 +64,8 @@ class _DjangoHelper(object):
         min_django_version = max(self.min_django_version, (1,0))
         if DJANGO_VERSION < min_django_version:
             raise self.skipTest("Django >= %s not installed" % vstr(min_django_version))
-        from django.contrib.auth.models import check_password
+        # from django.contrib.auth.models import check_password
+        from django.contrib.auth.hashers import check_password
         assert self.known_correct_hashes
         for secret, hash in self.iter_known_hashes():
             if (1,4) <= DJANGO_VERSION < (1,6) and not secret:

Attachment: pgpTWMfXLCltR.pgp
Description: OpenPGP digital signature

Reply via email to