如何使用具有Django身份驗證的惠而浦散列?

[英]How can I use the Whirlpool hash with Django authentication?


We have a system written in PHP where account passwords are stored as the first 128 chars of a whirlpool hash of the password.

我們有一個用PHP編寫的系統,其中帳戶密碼存儲為密碼的惠而浦散列的前128個字符。

I'd like to transition to handling the logins with Django without changing the database or asking users to change their passwords. Also, I'd prefer to stick with whirlpool vs. the less secure hashes Django has built in. I found a python (C) implementation of Whirlpool which seems to work fine.

我希望過渡到使用Django處理登錄,而無需更改數據庫或要求用戶更改密碼。此外,我更喜歡使用whirlpool和Django內置的不太安全的散列。我發現了一個python (C)實現的Whirlpool,它似乎可以很好地工作。

How can I change the Django password checking function to use Whirlpool rather than SHA1/MD5?

如何更改Django密碼檢查函數以使用Whirlpool而不是SHA1/MD5?

1 个解决方案

#1


2  

Basically you want to write your own authentication back-end. Fortunately, this can be done very easily.

基本上,您希望編寫自己的身份驗證后端。幸運的是,這很容易做到。

It's as easy as:

這是一樣容易:

class MyBackend:
    def authenticate(self, username=None, password=None):
        # Check the username/password and return a User.

Then all you need to do is specify the back-end class by setting AUTHENTICATION_BACKENDS to be ('django.contrib.auth.backends.YourCustomBackend',).

然后您需要做的就是通過設置AUTHENTICATION_BACKENDS來指定后端類(' django.致歉. authb .back . yourcustom后端')。

See: http://docs.djangoproject.com/en/dev/topics/auth/#specifying-authentication-backends

見:http://docs.djangoproject.com/en/dev/topics/auth/ specifying-authentication-backends


注意!

本站翻译的文章,版权归属于本站,未经许可禁止转摘,转摘请注明本文地址:https://www.itdaan.com/blog/2010/02/22/7200d5fb88e41e6d2cf2c9c2edc1593e.html



 
粤ICP备14056181号  © 2014-2020 ITdaan.com