On Fri, Sep 18, 2009 at 10:29 PM, PiotrLegnica <[email protected]> wrote: > > Hi. There is a feature described in a ticket #9194[1], which has been > marked as 'Design decision needed'. > > Is it still being discussed, or has it been forgotten completely? I'm > working on a patch for myself, but I'm not sure whether I should > attach it to ticket when I finish, if it's marked that way. > > [1]: http://code.djangoproject.com/ticket/9194
"Still" being discussed isn't really accurate - as evidenced by the level of activity on the ticket, it wasn't really discussed in the first place. Forgotten completely isn't accurate either - the ticket exists, so it hasn't been forgotten. However, this particular problem hasn't represented enough of a personal itch for anyone to drive a serious discussion of the idea on django-dev. Personally, I see this as a pretty low priority item, verging on wontfix. My usual position is that having more pluggable interfaces is a good thing, but in this case, IMHO, there isn't enough change and innovation in hashing algorithms to warrant a fully configurable interface for defining password hashes. There might even be an argument to _not_ make it configurable to discourage people from trying to write their own hashing algorithms. contrib.auth currently supports MD5, SHA1 and crypt, which IMHO covers all the important bases. If you think there is an obvious candidate that is missing, I think I'd rather see us add specific support for that algorithm rather than a pluggable interface. Yours, Russ Magee %-) --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Django developers" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/django-developers?hl=en -~----------~----~----~----~------~----~------~--~---
