Switch to argon2 for passwords

This commit is contained in:
Gabriel Augendre 2022-09-26 15:08:37 +02:00
parent f84cb40946
commit 3cf93a5ce6
3 changed files with 81 additions and 23 deletions

97
poetry.lock generated
View file

@ -1,3 +1,34 @@
[[package]]
name = "argon2-cffi"
version = "21.3.0"
description = "The secure Argon2 password hashing algorithm."
category = "main"
optional = false
python-versions = ">=3.6"
[package.dependencies]
argon2-cffi-bindings = "*"
[package.extras]
dev = ["pre-commit", "cogapp", "tomli", "coverage[toml] (>=5.0.2)", "hypothesis", "pytest", "sphinx", "sphinx-notfound-page", "furo"]
docs = ["sphinx", "sphinx-notfound-page", "furo"]
tests = ["coverage[toml] (>=5.0.2)", "hypothesis", "pytest"]
[[package]]
name = "argon2-cffi-bindings"
version = "21.2.0"
description = "Low-level CFFI bindings for Argon2"
category = "main"
optional = false
python-versions = ">=3.6"
[package.dependencies]
cffi = ">=1.0.1"
[package.extras]
dev = ["pytest", "cogapp", "pre-commit", "wheel"]
tests = ["pytest"]
[[package]] [[package]]
name = "asgiref" name = "asgiref"
version = "3.5.2" version = "3.5.2"
@ -56,12 +87,23 @@ python-versions = ">=2.7"
[[package]] [[package]]
name = "certifi" name = "certifi"
version = "2022.9.14" version = "2022.9.24"
description = "Python package for providing Mozilla's CA Bundle." description = "Python package for providing Mozilla's CA Bundle."
category = "main" category = "main"
optional = false optional = false
python-versions = ">=3.6" python-versions = ">=3.6"
[[package]]
name = "cffi"
version = "1.15.1"
description = "Foreign Function Interface for Python calling C code."
category = "main"
optional = false
python-versions = "*"
[package.dependencies]
pycparser = "*"
[[package]] [[package]]
name = "cfgv" name = "cfgv"
version = "3.3.1" version = "3.3.1"
@ -139,6 +181,7 @@ optional = false
python-versions = ">=3.8" python-versions = ">=3.8"
[package.dependencies] [package.dependencies]
argon2-cffi = {version = ">=19.1.0", optional = true, markers = "extra == \"argon2\""}
asgiref = ">=3.5.2,<4" asgiref = ">=3.5.2,<4"
sqlparse = ">=0.2.2" sqlparse = ">=0.2.2"
tzdata = {version = "*", markers = "sys_platform == \"win32\""} tzdata = {version = "*", markers = "sys_platform == \"win32\""}
@ -189,7 +232,7 @@ tests = ["pytest (<4.0)", "pytest-django", "pytest-flakes (==1.0.1)", "pytest-pe
[[package]] [[package]]
name = "django-debug-toolbar" name = "django-debug-toolbar"
version = "3.6.0" version = "3.7.0"
description = "A configurable set of panels that display various debug information about the current request/response." description = "A configurable set of panels that display various debug information about the current request/response."
category = "main" category = "main"
optional = false optional = false
@ -250,14 +293,14 @@ qrcode = ["qrcode"]
[[package]] [[package]]
name = "django-phonenumber-field" name = "django-phonenumber-field"
version = "5.2.0" version = "6.4.0"
description = "An international phone number field for django models." description = "An international phone number field for django models."
category = "main" category = "main"
optional = false optional = false
python-versions = ">=3.6" python-versions = ">=3.7"
[package.dependencies] [package.dependencies]
Django = ">=2.2" Django = ">=3.2"
[package.extras] [package.extras]
phonenumbers = ["phonenumbers (>=7.0.2)"] phonenumbers = ["phonenumbers (>=7.0.2)"]
@ -403,12 +446,16 @@ testing = ["coverage", "pyyaml"]
[[package]] [[package]]
name = "markdown2" name = "markdown2"
version = "2.4.3" version = "2.4.5"
description = "A fast and complete Python implementation of Markdown" description = "A fast and complete Python implementation of Markdown"
category = "main" category = "main"
optional = false optional = false
python-versions = ">=3.5, <4" python-versions = ">=3.5, <4"
[package.extras]
all = ["pygments (>=2.7.3)"]
code_syntax_highlighting = ["pygments (>=2.7.3)"]
[[package]] [[package]]
name = "model-bakery" name = "model-bakery"
version = "1.7.0" version = "1.7.0"
@ -475,7 +522,7 @@ pyparsing = ">=2.0.2,<3.0.5 || >3.0.5"
[[package]] [[package]]
name = "phonenumberslite" name = "phonenumberslite"
version = "8.12.55" version = "8.12.56"
description = "Python version of Google's common library for parsing, formatting, storing and validating international phone numbers." description = "Python version of Google's common library for parsing, formatting, storing and validating international phone numbers."
category = "main" category = "main"
optional = false optional = false
@ -570,6 +617,14 @@ category = "dev"
optional = false optional = false
python-versions = ">=2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*, !=3.4.*" python-versions = ">=2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*, !=3.4.*"
[[package]]
name = "pycparser"
version = "2.21"
description = "C parser in Python"
category = "main"
optional = false
python-versions = ">=2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*"
[[package]] [[package]]
name = "pygments" name = "pygments"
version = "2.13.0" version = "2.13.0"
@ -728,21 +783,21 @@ python-versions = ">=3.6"
[[package]] [[package]]
name = "qrcode" name = "qrcode"
version = "6.1" version = "7.3.1"
description = "QR Code image generator" description = "QR Code image generator"
category = "main" category = "main"
optional = false optional = false
python-versions = "*" python-versions = ">=3.6"
[package.dependencies] [package.dependencies]
colorama = {version = "*", markers = "platform_system == \"Windows\""} colorama = {version = "*", markers = "platform_system == \"Windows\""}
six = "*"
[package.extras] [package.extras]
dev = ["tox", "pytest", "mock"] all = ["zest.releaser", "tox", "pytest", "pytest", "pytest-cov", "pillow"]
dev = ["tox", "pytest"]
maintainer = ["zest.releaser"] maintainer = ["zest.releaser"]
pil = ["pillow"] pil = ["pillow"]
test = ["pytest", "pytest-cov", "mock"] test = ["pytest", "pytest-cov"]
[[package]] [[package]]
name = "rcssmin" name = "rcssmin"
@ -798,7 +853,7 @@ requests = ">=2.0.1,<3.0.0"
name = "six" name = "six"
version = "1.16.0" version = "1.16.0"
description = "Python 2 and 3 compatibility utilities" description = "Python 2 and 3 compatibility utilities"
category = "main" category = "dev"
optional = false optional = false
python-versions = ">=2.7, !=3.0.*, !=3.1.*, !=3.2.*" python-versions = ">=2.7, !=3.0.*, !=3.1.*, !=3.2.*"
@ -1014,9 +1069,11 @@ multidict = ">=4.0"
[metadata] [metadata]
lock-version = "1.1" lock-version = "1.1"
python-versions = "^3.10" python-versions = "^3.10"
content-hash = "67be358cc8c633ec79a2343d4b3a9491d0032ef9d116e8c215b9573c44200893" content-hash = "5ad534aa66d00801396cd3819d72a5dc57ac9159855eaac62d192313ebb09be3"
[metadata.files] [metadata.files]
argon2-cffi = []
argon2-cffi-bindings = []
asgiref = [ asgiref = [
{file = "asgiref-3.5.2-py3-none-any.whl", hash = "sha256:1d2880b792ae8757289136f1db2b7b99100ce959b2aa57fd69dab783d05afac4"}, {file = "asgiref-3.5.2-py3-none-any.whl", hash = "sha256:1d2880b792ae8757289136f1db2b7b99100ce959b2aa57fd69dab783d05afac4"},
{file = "asgiref-3.5.2.tar.gz", hash = "sha256:4a29362a6acebe09bf1d6640db38c1dc3d9217c68e6f9f6204d72667fc19a424"}, {file = "asgiref-3.5.2.tar.gz", hash = "sha256:4a29362a6acebe09bf1d6640db38c1dc3d9217c68e6f9f6204d72667fc19a424"},
@ -1092,6 +1149,7 @@ brotli = [
] ]
cerberus = [] cerberus = []
certifi = [] certifi = []
cffi = []
cfgv = [ cfgv = [
{file = "cfgv-3.3.1-py2.py3-none-any.whl", hash = "sha256:c6a0883f3917a037485059700b9e75da2464e6c27051014ad85ba6aaa5884426"}, {file = "cfgv-3.3.1-py2.py3-none-any.whl", hash = "sha256:c6a0883f3917a037485059700b9e75da2464e6c27051014ad85ba6aaa5884426"},
{file = "cfgv-3.3.1.tar.gz", hash = "sha256:f5a830efb9ce7a445376bb66ec94c638a9787422f96264c98edc6bdeed8ab736"}, {file = "cfgv-3.3.1.tar.gz", hash = "sha256:f5a830efb9ce7a445376bb66ec94c638a9787422f96264c98edc6bdeed8ab736"},
@ -1129,10 +1187,7 @@ django-otp = [
{file = "django-otp-1.1.3.tar.gz", hash = "sha256:f002c71d4ea7f514590be00492980d3c87397b73dc20542e1c4fc00b66f2dda1"}, {file = "django-otp-1.1.3.tar.gz", hash = "sha256:f002c71d4ea7f514590be00492980d3c87397b73dc20542e1c4fc00b66f2dda1"},
{file = "django_otp-1.1.3-py3-none-any.whl", hash = "sha256:8637be826c0465d0fd1710e4472efe9fc83883853a2141fefdbace9358d20003"}, {file = "django_otp-1.1.3-py3-none-any.whl", hash = "sha256:8637be826c0465d0fd1710e4472efe9fc83883853a2141fefdbace9358d20003"},
] ]
django-phonenumber-field = [ django-phonenumber-field = []
{file = "django-phonenumber-field-5.2.0.tar.gz", hash = "sha256:52b2e5970133ec5ab701218b802f7ab237229854dc95fd239b7e9e77dc43731d"},
{file = "django_phonenumber_field-5.2.0-py3-none-any.whl", hash = "sha256:5547fb2b2cc690a306ba77a5038419afc8fa8298a486fb7895008e9067cc7e75"},
]
django-two-factor-auth = [] django-two-factor-auth = []
filelock = [] filelock = []
gunicorn = [ gunicorn = [
@ -1243,6 +1298,7 @@ py = [
{file = "py-1.11.0-py2.py3-none-any.whl", hash = "sha256:607c53218732647dff4acdfcd50cb62615cedf612e72d1724fb1a0cc6405b378"}, {file = "py-1.11.0-py2.py3-none-any.whl", hash = "sha256:607c53218732647dff4acdfcd50cb62615cedf612e72d1724fb1a0cc6405b378"},
{file = "py-1.11.0.tar.gz", hash = "sha256:51c75c4126074b472f746a24399ad32f6053d1b34b68d2fa41e558e6f4a98719"}, {file = "py-1.11.0.tar.gz", hash = "sha256:51c75c4126074b472f746a24399ad32f6053d1b34b68d2fa41e558e6f4a98719"},
] ]
pycparser = []
pygments = [] pygments = []
pyparsing = [ pyparsing = [
{file = "pyparsing-3.0.9-py3-none-any.whl", hash = "sha256:5026bae9a10eeaefb61dab2f09052b9f4307d44aee4eda64b309723d8d206bbc"}, {file = "pyparsing-3.0.9-py3-none-any.whl", hash = "sha256:5026bae9a10eeaefb61dab2f09052b9f4307d44aee4eda64b309723d8d206bbc"},
@ -1306,10 +1362,7 @@ pyyaml = [
{file = "PyYAML-6.0-cp39-cp39-win_amd64.whl", hash = "sha256:b3d267842bf12586ba6c734f89d1f5b871df0273157918b0ccefa29deb05c21c"}, {file = "PyYAML-6.0-cp39-cp39-win_amd64.whl", hash = "sha256:b3d267842bf12586ba6c734f89d1f5b871df0273157918b0ccefa29deb05c21c"},
{file = "PyYAML-6.0.tar.gz", hash = "sha256:68fb519c14306fec9720a2a5b45bc9f0c8d1b9c72adf45c37baedfcd949c35a2"}, {file = "PyYAML-6.0.tar.gz", hash = "sha256:68fb519c14306fec9720a2a5b45bc9f0c8d1b9c72adf45c37baedfcd949c35a2"},
] ]
qrcode = [ qrcode = []
{file = "qrcode-6.1-py2.py3-none-any.whl", hash = "sha256:3996ee560fc39532910603704c82980ff6d4d5d629f9c3f25f34174ce8606cf5"},
{file = "qrcode-6.1.tar.gz", hash = "sha256:505253854f607f2abf4d16092c61d4e9d511a3b4392e60bff957a68592b04369"},
]
rcssmin = [] rcssmin = []
readtime = [] readtime = []
requests = [] requests = []

View file

@ -7,7 +7,7 @@ license = "GPLv3"
[tool.poetry.dependencies] [tool.poetry.dependencies]
python = "^3.10" python = "^3.10"
django = "^4.1" django = {version = "^4.1", extras = ["argon2"]}
markdown = "^3.2" markdown = "^3.2"
gunicorn = "^20.0" gunicorn = "^20.0"
Pygments = "^2.6" Pygments = "^2.6"

View file

@ -185,6 +185,11 @@ AUTH_PASSWORD_VALIDATORS = [
{"NAME": "django.contrib.auth.password_validation.NumericPasswordValidator"}, {"NAME": "django.contrib.auth.password_validation.NumericPasswordValidator"},
] ]
PASSWORD_HASHERS = [
"django.contrib.auth.hashers.Argon2PasswordHasher",
"django.contrib.auth.hashers.PBKDF2PasswordHasher",
]
# Internationalization # Internationalization
# https://docs.djangoproject.com/en/3.1/topics/i18n/ # https://docs.djangoproject.com/en/3.1/topics/i18n/