[Django] #28660: Remove CryptPasswordHasher
Django
-------------------------------------+-------------------------------------
Reporter: Mads | Owner: nobody
Jensen |
Type: | Status: new
Cleanup/optimization |
Component: | Version: master
contrib.auth | Keywords: hasher crypt
Severity: Normal | password
Triage Stage: | Has patch: 0
Unreviewed |
Needs documentation: 0 | Needs tests: 0
Patch needs improvement: 0 | Easy pickings: 0
UI/UX: 0 |
-------------------------------------+-------------------------------------
It's not documented, and is no longer included in any default settings,
and the doc string says it may not be available on all platforms. There's
a single test in `tests/auth_tests/test_hashers.py` for it.
--
Ticket URL: <https://code.djangoproject.com/ticket/28660>
Django <https://code.djangoproject.com/>
The Web framework for perfectionists with deadlines.
Django
-------------------------------------+-------------------------------------
Reporter: Mads Jensen | Owner: Uman
Type: | Shahzad
Cleanup/optimization | Status: assigned
Component: contrib.auth | Version: master
Severity: Normal | Resolution:
Keywords: hasher crypt | Triage Stage:
password | Unreviewed
Has patch: 0 | Needs documentation: 0
Needs tests: 0 | Patch needs improvement: 0
Easy pickings: 0 | UI/UX: 0
-------------------------------------+-------------------------------------
* owner: nobody => Uman Shahzad
* status: new => assigned
--
Ticket URL: <https://code.djangoproject.com/ticket/28660#comment:1>
Django
-------------------------------------+-------------------------------------
Reporter: Mads Jensen | Owner: Uman
Type: | Shahzad
Cleanup/optimization | Status: assigned
Component: contrib.auth | Version: master
Severity: Normal | Resolution:
Keywords: hasher crypt | Triage Stage:
password | Unreviewed
Needs tests: 0 | Patch needs improvement: 0
Easy pickings: 0 | UI/UX: 0
-------------------------------------+-------------------------------------
* has_patch: 0 => 1
--
Ticket URL: <https://code.djangoproject.com/ticket/28660#comment:2>
Django
-------------------------------------+-------------------------------------
Reporter: Mads Jensen | Owner: Uman
Type: | Shahzad
Cleanup/optimization | Status: assigned
Component: contrib.auth | Version: master
Severity: Normal | Resolution:
Keywords: hasher crypt | Triage Stage:
password | Unreviewed
Needs tests: 0 | Patch needs improvement: 0
Easy pickings: 0 | UI/UX: 0
-------------------------------------+-------------------------------------
Comment (by Aymeric Augustin):
It is documented here:
https://docs.djangoproject.com/en/1.11/topics/auth/passwords/#included-
hashers
I'm not seeing a pressing reason to remove this hasher, which may be used
for compatibility with existing password databases.
If there's a decision to remove it, that should go through a deprecation
path.
--
Ticket URL: <https://code.djangoproject.com/ticket/28660#comment:3>
Django
-------------------------------------+-------------------------------------
Reporter: Mads Jensen | Owner: Uman
Type: | Shahzad
Component: contrib.auth | Version: master
Severity: Normal | Resolution: wontfix
Keywords: hasher crypt | Triage Stage:
password | Unreviewed
Needs tests: 0 | Patch needs improvement: 0
Easy pickings: 0 | UI/UX: 0
-------------------------------------+-------------------------------------
* status: assigned => closed
* resolution: => wontfix
Comment:
I agree -- unless a discussion on the DevelopersMailingList yields a
consensus that the original use case in #3316 in obsolete, this hasher
doesn't have much maintenance cost and it's better for there to be a
canonical implementation rather than requiring users to implement it
themselves.
--
Ticket URL: <https://code.djangoproject.com/ticket/28660#comment:4>