class UnsaltedMD5PasswordHasher(BasePasswordHasher): (source)
Incredibly insecure algorithm that you should *never* use; stores unsalted MD5 hashes without the algorithm prefix, also accepts MD5 hashes with an empty salt. This class is implemented because Django used to store passwords this way and to accept such password hashes. Some older Django installs still have these values lingering around so we need to handle and upgrade them properly.
Method | decode |
Return a decoded database value. |
Method | encode |
Create an encoded database value. |
Method | harden |
Bridge the runtime gap between the work factor supplied in `encoded` and the work factor suggested by this hasher. |
Method | safe |
Return a summary of safe values. |
Method | salt |
Generate a cryptographically secure nonce salt in ASCII with an entropy of at least `salt_entropy` bits. |
Method | verify |
Check if the given password is correct. |
Class Variable | algorithm |
Undocumented |
Inherited from BasePasswordHasher
:
Method | must |
Undocumented |
Class Variable | library |
Undocumented |
Class Variable | salt |
Undocumented |
Method | _check |
Undocumented |
Method | _load |
Undocumented |
Return a decoded database value. The result is a dictionary and should contain `algorithm`, `hash`, and `salt`. Extra keys can be algorithm specific like `iterations` or `work_factor`.
Create an encoded database value. The result is normally formatted as "algorithm$salt$hash" and must be fewer than 128 characters.
Bridge the runtime gap between the work factor supplied in `encoded` and the work factor suggested by this hasher. Taking PBKDF2 as an example, if `encoded` contains 20000 iterations and `self.iterations` is 30000, this method should run password through another 10000 iterations of PBKDF2. Similar approaches should exist for any hasher that has a work factor. If not, this method should be defined as a no-op to silence the warning.
Return a summary of safe values. The result is a dictionary and will be used where the password field must be displayed to construct a safe representation of the password.
Generate a cryptographically secure nonce salt in ASCII with an entropy of at least `salt_entropy` bits.