#31358: Increase default password salt size in BasePasswordHasher.
--------------------------------------+------------------------------------
Reporter: Jon Moroney | Owner: nobody
Type: Cleanup/optimization | Status: new
Component: Utilities | Version: master
Severity: Normal | Resolution:
Keywords: | Triage Stage: Accepted
Has patch: 1 | Needs documentation: 0
Needs tests: 0 | Patch needs improvement: 1
Easy pickings: 0 | UI/UX: 0
--------------------------------------+------------------------------------
Comment (by Florian Apolloner):
Replying to [comment:18 Jon Moroney]:
> Let me ask the question a different way then; which route should I
implement in my pr? :p
Ha, sorry for not being clearer. What I wanted to say is that I don't have
a good answer for you. In a perfect world (ie if you are up to the
challenge :D) I would suggest adding a `decode` function to the hashers
that basically does the reverse of `encode`. `safe_summary` could then use
the decoded values and mask them as needed.
Adding a `decode` function seems to make sense since
`Argon2PasswordHasher` already has a `_decode` and others manually repeat
(the simpler logic) ala `algorithm, empty, algostr, rounds, data =
encoded.split('$', 4)` over multiple functions.
This new `decode` functionality could be in a new PR and your current PR
would be blocked by it and the use that. Interested to hear your and
Mariusz' thoughts
--
Ticket URL: <https://code.djangoproject.com/ticket/31358#comment:19>
Django <https://code.djangoproject.com/>
The Web framework for perfectionists with deadlines.
--
You received this message because you are subscribed to the Google Groups
"Django updates" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/django-updates/066.8adf6ed963771bc9dac8999c663108c1%40djangoproject.com.
