Re: MD5 crypt passwords

2007-12-16 Thread akaihola 

I need to allow users to log in to my Django site with their old Unix
usernames and passwords, which may be encoded with MD5-based crypt.
Yuri, I don't believe your hook provides that functionality.
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Django developers" group.
To post to this group, send email to django-developers@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/django-developers?hl=en
-~--~~~~--~~--~--~---

Re: MD5 crypt passwords

2007-12-02 Thread Yuri Baburov 

On Dec 2, 2007 8:04 PM, akaihola <[EMAIL PROTECTED]> wrote:
>
> Changeset 5073 [1] added support for Unix DES crypt passwords (see
> ticket 3316 [2] for discussion).
>
> Many systems use MD5-based crypt shadow passwords (see e.g. man 3
> crypt or its on-line version [3], under heading "GNU Extension"). This
> extension to the crypt library prefixes the encrypted password with
> "$1$$" instead of the 2-character salt.
>
> Django uses dollar signs ($) to delimit the algorithm, salt and
> encrypted password in the contrib.auth.models.User.password string.
> The choice of delimiter collides with glibc2 crypt. Apart from that
> MD5 crypt passwords should just work with the current code.
>
> I added a ticket [4] for this and submitted three different solutions
> as patches.
>
> I bumped into this issue when creating a Django-based web interface
> for a virtual host based e-mail service, and I needed to migrate a
> number of Linux user accounts along with their passwords to Django.

You don't really need to change django to do this.
I've solved this with User class hook:

def my_set_password(user, raw_password):
try:
this = EMailInfo.objects.get(user=user)
except EMailInfo.DoesNotExist:
this = EMailInfo(user=user)
this.username = user.username
import sha
this.password =
'{SHA}'+base64_encode(sha.new(raw_password).digest())[0].strip()
this.email= '[EMAIL PROTECTED]' % (user.username, VIRTUAL_DOMAIN)
user.emailaddress = this

def my_create_user(manager, username, email, password):
user = real_create_user(manager, username, email, password)
# user was saved after this
this = user.emailaddress
this.user = user
this.username = user.username
this.save()
return user

real_set_password = User.set_password
User.set_password = my_set_password
real_create_user = UserManager.create_user
UserManager.create_user = my_create_user

> [1] http://code.djangoproject.com/changeset/5073
> [2] http://code.djangoproject.com/ticket/3316
> [3] http://linux.die.net/man/3/crypt
> [4] http://code.djangoproject.com/ticket/6028

-- 
Best regards, Yuri V. Baburov, ICQ# 99934676, Skype: yuri.baburov,
MSN: [EMAIL PROTECTED]

--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Django developers" group.
To post to this group, send email to django-developers@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/django-developers?hl=en
-~--~~~~--~~--~--~---

MD5 crypt passwords

2007-12-02 Thread akaihola 

Changeset 5073 [1] added support for Unix DES crypt passwords (see
ticket 3316 [2] for discussion).

Many systems use MD5-based crypt shadow passwords (see e.g. man 3
crypt or its on-line version [3], under heading "GNU Extension"). This
extension to the crypt library prefixes the encrypted password with
"$1$$" instead of the 2-character salt.

Django uses dollar signs ($) to delimit the algorithm, salt and
encrypted password in the contrib.auth.models.User.password string.
The choice of delimiter collides with glibc2 crypt. Apart from that
MD5 crypt passwords should just work with the current code.

I added a ticket [4] for this and submitted three different solutions
as patches.

I bumped into this issue when creating a Django-based web interface
for a virtual host based e-mail service, and I needed to migrate a
number of Linux user accounts along with their passwords to Django.

[1] http://code.djangoproject.com/changeset/5073
[2] http://code.djangoproject.com/ticket/3316
[3] http://linux.die.net/man/3/crypt
[4] http://code.djangoproject.com/ticket/6028
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Django developers" group.
To post to this group, send email to django-developers@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/django-developers?hl=en
-~--~~~~--~~--~--~---