(self)
| 82 | make_password(1) |
| 83 | |
| 84 | def test_pbkdf2(self): |
| 85 | encoded = make_password("lètmein", "seasalt", "pbkdf2_sha256") |
| 86 | self.assertEqual( |
| 87 | encoded, |
| 88 | "pbkdf2_sha256$1500000$" |
| 89 | "seasalt$P4UiMPVduVWIL/oS1GzH+IofsccjJNM5hUTikBvi5to=", |
| 90 | ) |
| 91 | self.assertTrue(is_password_usable(encoded)) |
| 92 | self.assertTrue(check_password("lètmein", encoded)) |
| 93 | self.assertFalse(check_password("lètmeinz", encoded)) |
| 94 | self.assertEqual(identify_hasher(encoded).algorithm, "pbkdf2_sha256") |
| 95 | # Blank passwords |
| 96 | blank_encoded = make_password("", "seasalt", "pbkdf2_sha256") |
| 97 | self.assertTrue(blank_encoded.startswith("pbkdf2_sha256$")) |
| 98 | self.assertTrue(is_password_usable(blank_encoded)) |
| 99 | self.assertTrue(check_password("", blank_encoded)) |
| 100 | self.assertFalse(check_password(" ", blank_encoded)) |
| 101 | # Salt entropy check. |
| 102 | hasher = get_hasher("pbkdf2_sha256") |
| 103 | encoded_weak_salt = make_password("lètmein", "iodizedsalt", "pbkdf2_sha256") |
| 104 | encoded_strong_salt = make_password("lètmein", hasher.salt(), "pbkdf2_sha256") |
| 105 | self.assertIs(hasher.must_update(encoded_weak_salt), True) |
| 106 | self.assertIs(hasher.must_update(encoded_strong_salt), False) |
| 107 | |
| 108 | @override_settings( |
| 109 | PASSWORD_HASHERS=["django.contrib.auth.hashers.MD5PasswordHasher"] |
nothing calls this directly
no test coverage detected