diff MoinMoin/config/__init__.py @ 5922:25900eaeb864

passlib integration - enhanced password hash security Docs for passlib: http://packages.python.org/passlib/ Updated docs/CHANGES about the moin integration. Updated docs/REQUIREMENTS about passlib requirements. Added/Adapted related unit tests. Added logging for password hash processing errors.
author Thomas Waldmann <tw AT waldmann-edv DOT de>
date Sat, 19 Jan 2013 00:32:21 +0100
parents 31c27d72ad9c
children
line wrap: on
line diff
--- a/MoinMoin/config/__init__.py	Fri Jan 18 01:46:13 2013 +0100
+++ b/MoinMoin/config/__init__.py	Sat Jan 19 00:32:21 2013 +0100
@@ -22,6 +22,16 @@
 # When creating files, we use e.g. 0666 & config.umask for the mode:
 umask = 0770
 
+# list of acceptable password hashing schemes for cfg.password_scheme,
+# here we only give reasonably good schemes, which is passlib (if we
+# have passlib) and ssha (if we only have builtin stuff):
+password_schemes_configurable = ['{PASSLIB}', '{SSHA}', ]
+
+# ordered list of supported password hashing schemes, best (passlib) should be
+# first, best builtin one should be second. this is what we support if we
+# encounter it in user profiles:
+password_schemes_supported = password_schemes_configurable + ['{SHA}', '{APR1}', '{MD5}', '{DES}', ]
+
 # Default value for the static stuff URL prefix (css, img, js).
 # Caution:
 # * do NOT use this directly, it is only the DEFAULT value to be used by