django.contrib.auth.hashers.UnsaltedSHA1PasswordHasher

class documentation

class UnsaltedSHA1PasswordHasher(BasePasswordHasher): (source)

Very insecure algorithm that you should *never* use; store SHA1 hashes with an empty salt. This class is implemented because Django used to accept such password hashes. Some older Django installs still have these values lingering around so we need to handle and upgrade them properly.

Method	`decode`	Return a decoded database value.
Method	`encode`	Create an encoded database value.
Method	`harden_runtime`	Bridge the runtime gap between the work factor supplied in `encoded` and the work factor suggested by this hasher.
Method	`safe_summary`	Return a summary of safe values.
Method	`salt`	Generate a cryptographically secure nonce salt in ASCII with an entropy of at least `salt_entropy` bits.
Method	`verify`	Check if the given password is correct.
Class Variable	`algorithm`	Undocumented

Inherited from BasePasswordHasher:

Method	`must_update`	Undocumented
Class Variable	`library`	Undocumented
Class Variable	`salt_entropy`	Undocumented
Method	`_check_encode_args`	Undocumented
Method	`_load_library`	Undocumented

def decode(self, encoded): (source) ¶

overrides django.contrib.auth.hashers.BasePasswordHasher.decode

Return a decoded database value. The result is a dictionary and should contain `algorithm`, `hash`, and `salt`. Extra keys can be algorithm specific like `iterations` or `work_factor`.

def encode(self, password, salt): (source) ¶

overrides django.contrib.auth.hashers.BasePasswordHasher.encode

Create an encoded database value. The result is normally formatted as "algorithm$salt$hash" and must be fewer than 128 characters.

def harden_runtime(self, password, encoded): (source) ¶

overrides django.contrib.auth.hashers.BasePasswordHasher.harden_runtime

Bridge the runtime gap between the work factor supplied in `encoded` and the work factor suggested by this hasher. Taking PBKDF2 as an example, if `encoded` contains 20000 iterations and `self.iterations` is 30000, this method should run password through another 10000 iterations of PBKDF2. Similar approaches should exist for any hasher that has a work factor. If not, this method should be defined as a no-op to silence the warning.

def safe_summary(self, encoded): (source) ¶

overrides django.contrib.auth.hashers.BasePasswordHasher.safe_summary

Return a summary of safe values. The result is a dictionary and will be used where the password field must be displayed to construct a safe representation of the password.

def salt(self): (source) ¶

overrides django.contrib.auth.hashers.BasePasswordHasher.salt

Generate a cryptographically secure nonce salt in ASCII with an entropy of at least `salt_entropy` bits.

def verify(self, password, encoded): (source) ¶

overrides django.contrib.auth.hashers.BasePasswordHasher.verify

Check if the given password is correct.

algorithm: str = (source) ¶

overrides django.contrib.auth.hashers.BasePasswordHasher.algorithm

Undocumented