Passage de sha1 à sha256 pour le pwd sur Account

2016-09-03 02:54:02 +02:00 · 2016-09-03 02:54:02 +02:00 · d12dfe2f56
parent 7bfd2e2f9a
commit d12dfe2f56
2 changed files with 4 additions and 4 deletions
--- a/kfet/backends.py
+++ b/kfet/backends.py
@ -18,8 +18,8 @@ class KFetBackend(object):
            return None

        try:
-            password_sha1 = hashlib.sha1(password.encode()).hexdigest()
-            account = Account.objects.get(password=password_sha1)
+            password_sha256 = hashlib.sha256(password.encode()).hexdigest()
+            account = Account.objects.get(password=password_sha256)
            user = account.cofprofile.user
        except Account.DoesNotExist:
            return None
--- a/kfet/views.py
+++ b/kfet/views.py
@ -319,9 +319,9 @@ def account_update(request, trigramme):
                if (request.user.has_perm('kfet.change_account_password')
                        and pwd_form.is_valid()):
                    pwd = pwd_form.cleaned_data['pwd1']
-                    pwd_sha1 = hashlib.sha1(pwd.encode()).hexdigest()
+                    pwd_sha256 = hashlib.sha256(pwd.encode()).hexdigest()
                    Account.objects.filter(pk=account.pk).update(
-                            password = pwd_sha1)
+                            password = pwd_sha256)
                    messages.success(request, 'Mot de passe mis à jour')

                # Checking perm to manage perms