delta/python-packages/passlib.git/docs/lib, branch stable

passlib.ext.django: Updated UTs to work with latest django release

2020-10-08T01:33:47+00:00

(should fix long-standing issue 98)

* test_ext_django:

    - Simplified "stock config" setup code.  It now gets it's "sha_rounds" value
      from the django source, so we don't have to manually update it every time
      django changes their default.  This should require less maintenance across
      minor django releases.  (Should fix issue 98, and prevent recurrence)

    - Updated tests to account for quirks in how encoded hashes are handled.
      Specifically: None, "", and invalid hashes all cause subtly different
      behaviors across django versions.  tests pass against django 1.8 - 3.1.

    - split "empty hash" test out from the loop it shared with "null hash" test,
      since the two behave differently.

* tox: expanded envlist to explicitly test a bunch more django versions
  (1.8 - 3.1); and remove some needless "django 2.x + py2" tests

* passlib.apps: reformatted django CryptContext declarations;
  added one for django 2.1 (which dropped "django_bcrypt" it's default list)

* passlib.ext.django:

    - added internal "quirks" helper as central place to track
      minor edge-case changes between django versions.

    - passlib_to_django() helper now falls back to searching hasher classes
      directly, even if patch isn't installed.  this allows it to work
      for django hashers that have been removed from django's default list.

docs / sha crypt: commented out the "implicit_rounds" param in docs,

2020-10-06T15:31:41+00:00

it's not actually supported by using(), and isn't needed for users
(issue 121)

passlib.hash: added ldap_salted_sha256 & ldap_salted_512 (issue 124)

2020-10-06T01:14:41+00:00

passlib.handlers: cases where crypt() returns malformed hash

2020-10-06T01:14:03+00:00

now return a single unified InternalBackendError() class,
instead of AssertionError.

This change has a couple of parts:

* assert statements replaced with permanent checks,
  since crypt() is unpredictable enough that we need to have this always on,
  even if production runs code in "-O2" mode.

* added debug_only_repr() helper which allows including sensitive stuff
  like salts & hash digests within error tracebacks -- will only do so
  when global flag is enabled; and that's currently only set by unittest suite.

* added new InternalBackendError() exception class (a RuntimeError subclass);
  which is raised instead of an AssertionError.

bcrypt / os_crypt backend: now throws new PasswordValueError()

2020-05-12T16:05:34+00:00

when encoding issue is found, to separate this from an unexpected error
when calling crypt.crypt() (these will still raise MissingBackendError).

also tweaked internal safe_verify() helper to catch errors thrown by
os_crypt backend (MissingBackendError would previously slip through,
causing spurious UT failures)

passlib.hash.bcrypt_sha256: now uses hmac-sha256 instead of plain sha256

2020-02-16T15:56:06+00:00

(fixes issue 114)

passlib.hash.bcrypt: added notes re: final salt character

2020-02-17T16:21:46+00:00

docs: various minor updates

2020-02-16T15:57:40+00:00

bcrypt: deprecated support for "py-bcrypt" and "bcryptor" backends

2019-11-22T20:54:16+00:00

docs: minor text & build issues

2019-11-19T19:41:31+00:00

* fix some typos
* silence unrefrenced footnote warnings (expected, can fix later)
* add intersphinx config to link to py3 stdlib