django-ajax icon indicating copy to clipboard operation
django-ajax copied to clipboard

Published 20 hours ago verified publisher icon joestump

Django 1.10: Replace test fixture reliance on deprecated SHA1 hasher

Open adevore opened this issue 8 years ago • 4 comments

Django 1.10 has removed support for the SHA1 hasher in the default list of hashers. This PR replaces the password in the users.json test fixture with a newly hashed password.

Pull request #70 should be merged before this pull request.

adevore avatar Jun 03 '16 22:06 adevore

My concern here is that we're using the sha hasher for speed, as it's recommended to use a fast hasher during tests. Ref: https://docs.djangoproject.com/en/1.9/topics/testing/overview/#speeding-up-the-tests

I think a better fix here is to define PASSWORD_HASHERS in the test settings and change it to md5.

nicholasserra avatar Jun 04 '16 04:06 nicholasserra

The new version uses PASSWORD_HASHERS. Note that 1.10a1 is not in the travis.yml file for django-ajax, so it has not been tested in a sandbox. I think adding 1.10a1 might cause a failure because six and mock are unlisted dependencies of django-ajax and the tests, respectively. I have an upcoming PR to fix that issue.

adevore avatar Jun 05 '16 00:06 adevore

Thank you. Looks like this PR needs rebased, or master merged in. Should be solid after that :)

nicholasserra avatar Jun 08 '16 05:06 nicholasserra

ping @adevore

Can you pull upstream into your fork and merge master into this branch? Or rebase. After that it should be good to go. Thanks :)

nicholasserra avatar Jun 20 '16 20:06 nicholasserra