Undocumented
Class |
|
Secure password hashing using the argon2 algorithm. |
Class |
|
Abstract base class for password hashers |
Class |
|
Secure password hashing using the bcrypt algorithm |
Class |
|
Secure password hashing using the bcrypt algorithm (recommended) |
Class |
|
Password hashing using UNIX crypt (not recommended) |
Class |
|
The Salted MD5 password hashing algorithm (not recommended) |
Class |
|
Secure password hashing using the PBKDF2 algorithm (recommended) |
Class |
|
Alternate PBKDF2 hasher which uses SHA1, the default PRF recommended by PKCS #5. This is compatible with other implementations of PBKDF2, such as openssl's PKCS5_PBKDF2_HMAC_SHA1(). |
Class |
|
Secure password hashing using the Scrypt algorithm. |
Class |
|
The SHA1 password hashing algorithm (not recommended) |
Class |
|
Incredibly insecure algorithm that you should *never* use; stores unsalted MD5 hashes without the algorithm prefix, also accepts MD5 hashes with an empty salt. |
Class |
|
Very insecure algorithm that you should *never* use; store SHA1 hashes with an empty salt. |
Function | check |
Return a boolean of whether the raw password matches the three part encoded digest. |
Function | get |
Return an instance of a loaded password hasher. |
Function | get |
Undocumented |
Function | get |
Undocumented |
Function | identify |
Return an instance of a loaded password hasher. |
Function | is |
Return True if this password wasn't generated by User.set_unusable_password(), i.e. make_password(None). |
Function | make |
Turn a plain-text password into a hash for database storage |
Function | mask |
Return the given hash, with only the first ``show`` number shown. The rest are masked with ``char`` for security reasons. |
Function | must |
Undocumented |
Function | reset |
Undocumented |
Constant | UNUSABLE |
Undocumented |
Constant | UNUSABLE |
Undocumented |
Return a boolean of whether the raw password matches the three part encoded digest. If setter is specified, it'll be called when you need to regenerate the password.
Return an instance of a loaded password hasher. If algorithm is 'default', return the default hasher. Lazily import hashers specified in the project's settings file if needed.
Return an instance of a loaded password hasher. Identify hasher algorithm by examining encoded hash, and call get_hasher() to return hasher. Raise ValueError if algorithm cannot be identified, or if hasher is not loaded.
Return True if this password wasn't generated by User.set_unusable_password(), i.e. make_password(None).
Turn a plain-text password into a hash for database storage Same as encode() but generate a new random salt. If password is None then return a concatenation of UNUSABLE_PASSWORD_PREFIX and a random string, which disallows logins. Additional random string reduces chances of gaining access to staff or superuser accounts. See ticket #20079 for more info.