I've had a quick look at the django setup in passlib and the first impressions are *not* good.
0: I'm not sure why passlib wants to provide django support, django has password hashing functionality built in. 1: passlib tries to support too many different versions of django, including django1.0 which was old even in Lenny. That unnecessarily complicates the code. (passfail also uses it's own internal handling of the django versions which seems unnecessary.) 2: passlib doesn't handle django as a "typical" django app with no centralised settings - this makes the move to 1.9 error-prone. Fixing passlib/tests/test_ext_django.py just reveals that passlib/tests/test_handlers_django.py gets confused between django imports for 1.4, 1.6 and gets the wrong result for >> 1.7 which now fails with 1.9. fuzz_verifier_django tries to import from django.contrib.auth.models import check_password which has moved into django.contrib.auth.hashers. 3: It's not clear to me why passlib couldn't be separated into a passlib and passlib-django upstream (dropping support for all versions of django prior to 1.6 or 1.7 in the process) to make the whole library much easier and simpler to handle. 4: passlib also has the python-support dependency which is deprecated: https://wiki.debian.org/Python/TransitionToDHPython2 I've attached what I've done so far in patch format but there is more to do. I now get: ====================================================================== ERROR: test_02_handler_wrapper (passlib.tests.test_ext_django.DjangoExtensionTest) passlib.ext.django plugin: test Hasher-compatible handler wrappers ---------------------------------------------------------------------- Traceback (most recent call last): File "/home/neil/code/debian/qa/passlib/python-passlib-1.6.5/passlib/tests/test_ext_django.py", line 817, in test_02_handler_wrapper self.assertEqual(hasher.safe_summary(encoded), File "/home/neil/code/debian/qa/passlib/python-passlib-1.6.5/passlib/ext/django/utils.py", line 191, in safe_summary from django.utils.datastructures import SortedDict ImportError: cannot import name SortedDict ====================================================================== FAIL: test_config (passlib.tests.test_ext_django.DjangoBehaviorTest) verify django behavior: test hashing interface ---------------------------------------------------------------------- Traceback (most recent call last): File "/home/neil/code/debian/qa/passlib/python-passlib-1.6.5/passlib/tests/test_ext_django.py", line 668, in test_config self.assert_valid_password(user, hash) File "/home/neil/code/debian/qa/passlib/python-passlib-1.6.5/passlib/tests/test_ext_django.py", line 342, in assert_valid_password self.assertEqual(user.password, hash) AssertionError: u'pbkdf2_sha256$24000$REJ7eHqQKnLO$E6PL+rR/Jq/B6ue5PdOGt0fihKyAFGTvjt/VTwwI0q8=' != 'pbkdf2_sha256$20000$arJ31mmmlSmO$XNBTUKe4UCUGPeHTmXpYjaKmJaDGAsevd0LWvBtzP18=' ---------------------------------------------------------------------- Ran 1928 tests in 155.118s FAILED (failures=1, errors=1, skipped=590) SortedDict is likely to be simple - the failure in the hashing test and the number of skipped tests are a bit more of a concern. -- Neil Williams ============= http://www.linux.codehelp.co.uk/
Description: Hacky first go at django1.9 support --- --- python-passlib-1.6.5.orig/passlib/tests/test_ext_django.py +++ python-passlib-1.6.5/passlib/tests/test_ext_django.py @@ -55,6 +55,7 @@ if has_django: settings._target = UserSettingsHolder(global_settings) elif not settings.configured: settings.configure() + settings.INSTALLED_APPS += ['django.contrib.auth', 'django.contrib.contenttypes'] #============================================================================= # support funcs @@ -76,6 +77,8 @@ def update_settings(**kwds): setattr(settings, k, v) if has_django: + import django + django.setup() from django.contrib.auth.models import User class FakeUser(User): @@ -96,6 +99,9 @@ if has_django: # NOTE: ignoring update_fields for test purposes self.saved_passwords.append(self.password) + class Meta: + app_label = 'fakeuser' + def create_mock_setter(): state = [] def setter(password): @@ -381,8 +387,8 @@ class DjangoBehaviorTest(_ExtensionTest) from django.contrib.auth.hashers import identify_hasher has_identify_hasher = True hash_hashers = True - else: - from django.contrib.auth.models import check_password +# else: +# from django.contrib.auth.models import check_password #======================================================= # make sure extension is configured correctly --- python-passlib-1.6.5.orig/passlib/tests/test_handlers_django.py +++ python-passlib-1.6.5/passlib/tests/test_handlers_django.py @@ -41,7 +41,8 @@ class _DjangoHelper(object): min_django_version = max(self.min_django_version, (1,0)) if DJANGO_VERSION < min_django_version: return None - from django.contrib.auth.models import check_password + # from django.contrib.auth.models import check_password + from django.contrib.auth.hashers import check_password def verify_django(secret, hash): """django/check_password""" if (1,4) <= DJANGO_VERSION < (1,6) and not secret: @@ -63,7 +64,8 @@ class _DjangoHelper(object): min_django_version = max(self.min_django_version, (1,0)) if DJANGO_VERSION < min_django_version: raise self.skipTest("Django >= %s not installed" % vstr(min_django_version)) - from django.contrib.auth.models import check_password + # from django.contrib.auth.models import check_password + from django.contrib.auth.hashers import check_password assert self.known_correct_hashes for secret, hash in self.iter_known_hashes(): if (1,4) <= DJANGO_VERSION < (1,6) and not secret:
pgpTWMfXLCltR.pgp
Description: OpenPGP digital signature