passlib/apps.py


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65

"""passlib.apps"""
#=========================================================
#imports
#=========================================================
#core
import platform
import logging; log = logging.getLogger(__name__)
#site
#libs
from passlib.context import CryptContext
#pkg
#local
__all__ = [
    'custom_app_context',
    'postgres_context',
    'ldap_context',
    #mssql
    'mysql_context', 'mysql4_context', 'mysql3_context',
    #oracle
]

#=========================================================
#for quickly bootstrapping new custom applications
#=========================================================
_is32 = platform.architecture()[0] == '32bit'

custom_app_context = CryptContext(
    #choose some reasonbly strong schemes
    schemes=["sha512_crypt", "sha256_crypt"],

    #set some useful global options
    min_verify_time = .125,
    all__vary_rounds = "10%",
    default="sha256_crypt" if _is32 else "sha512_crypt",

    #set a good starting point for rounds selection
    sha512_crypt__default_rounds = 40000,
    sha256_crypt__default_rounds = 40000,

    #if the admin user category is selected, make a much stronger hash,
    admin__sha512_crypt__default_rounds = 80000,
    admin__sha256_crypt__default_rounds = 80000,
    )

#=========================================================
#ldap
#=========================================================
#TODO: support ldap_crypt
ldap_context = CryptContext(["ldap_salted_sha1", "ldap_salted_md5", "ldap_sha1", "ldap_md5", "ldap_plaintext" ])

#=========================================================
#mysql
#=========================================================
mysql3_context = CryptContext(["mysql323"])
mysql4_context = CryptContext(["mysql41", "mysql323"], deprecated="mysql323")
mysql_context = mysql4_context #tracks latest mysql version supported

#=========================================================
#postgres
#=========================================================
postgres_context = CryptContext(["postgres_md5"])

#=========================================================
# eof
#=========================================================