tags:

views:

72

answers:

1
+1  Q: 

What is the cleanest way to add code to contrib.auth

I've migrated an old joomla installation over to django. The password hashes is an issue though. I had to modify the get_hexdigest in contrib.auth.models to have an extra if statement to reverse the way the hash is generated.

# Custom for Joomla
if algorithm == 'joomla':
    return md5_constructor(raw_password + salt).hexdigest()
# Djangos original md5
if algorithm == 'md5':
    return md5_constructor(salt + raw_password).hexdigest()

I also added the following to the User model to update the passwords after login if they have the old joomla style:

# Joomla Backwards compat
algo, salt, hsh = self.password.split('$')
if algo == 'joomla':
    is_correct = (hsh == get_hexdigest(algo, salt, raw_password))
    if is_correct:
        # Convert the password to the new more secure format.
        self.set_password(raw_password)
        self.save()
    return is_correct

Everything is working perfectly but I'd rather not edit this code directly in the django tree. Is there a cleaner way to do this in my own project?

Thanks

+6  A: 

Your best bet would be to roll a custom auth backend and rewrite get_hexdigest in there. Never done it myself, but documentation on how to do so is available at http://docs.djangoproject.com/en/dev/topics/auth/#authentication-backends.

Rishabh Manocha  2009-11-17 09:04:17
+1: I spent days of my life to do it correctly in my scenario, but in your case it should be quite easy to do and is the most "Djangoic" way to go.
Boldewyn  2009-11-17 09:08:15
Thanks. I was aware of custom auth backends, but since I found this stuff in the models.py I didnt think it applied. After your link I reread it all and thats exactly one I need. Circle gets the Square!
Clarence  2009-11-18 03:37:43

related questions

Django: Print url of view without hardcoding the url
Django Calendar Widget?
Can the HTTP version or headers affect the visual appearance of a web page?
Project design / FS layout for large django projects
Extending the User model with custom fields in Django
How to generate urls in django
Always including the user in the django template context
Screencasts for Django/Python?
Using Django time/date widgets in custom form
How do I add data to an existing model in Django?
Setup django with WSGI and apache
Altering database tables in Django
Django Templates and variable attributes.
Django ImageField core=False in newforms admin
How can I render a tree structure (recursive) using a django template?
Cleanest & Fastest server setup for Django
Unicode vs UTF-8 confusion in Python / Django?
Does Hostmonster support Django
Specifying a mySQL ENUM in a Django model
Represent Ordering in a Relational Database
updating an auto_now DateTimeField in a parent model w/ Django
Version track, automate DB schema changes with django
Learning Ruby on Rails any good for Grails?
What Hosting Service is best for Django applications?
Class views in Django