(self)
| 175 | PASSWORD_HASHERS=["django.contrib.auth.hashers.BCryptPasswordHasher"] |
| 176 | ) |
| 177 | def test_bcrypt_upgrade(self): |
| 178 | hasher = get_hasher("bcrypt") |
| 179 | self.assertEqual("bcrypt", hasher.algorithm) |
| 180 | self.assertNotEqual(hasher.rounds, 4) |
| 181 | |
| 182 | old_rounds = hasher.rounds |
| 183 | try: |
| 184 | # Generate a password with 4 rounds. |
| 185 | hasher.rounds = 4 |
| 186 | encoded = make_password("letmein", hasher="bcrypt") |
| 187 | rounds = hasher.safe_summary(encoded)["work factor"] |
| 188 | self.assertEqual(rounds, 4) |
| 189 | |
| 190 | state = {"upgraded": False} |
| 191 | |
| 192 | def setter(password): |
| 193 | state["upgraded"] = True |
| 194 | |
| 195 | # No upgrade is triggered. |
| 196 | self.assertTrue(check_password("letmein", encoded, setter, "bcrypt")) |
| 197 | self.assertFalse(state["upgraded"]) |
| 198 | |
| 199 | # Revert to the old rounds count and ... |
| 200 | hasher.rounds = old_rounds |
| 201 | |
| 202 | # ... check if the password would get updated to the new count. |
| 203 | self.assertTrue(check_password("letmein", encoded, setter, "bcrypt")) |
| 204 | self.assertTrue(state["upgraded"]) |
| 205 | finally: |
| 206 | hasher.rounds = old_rounds |
| 207 | |
| 208 | @skipUnless(bcrypt, "bcrypt not installed") |
| 209 | @override_settings( |
nothing calls this directly
no test coverage detected