django.contrib.auth.hashers.UnsaltedMD5PasswordHasher

class documentation

class UnsaltedMD5PasswordHasher(BasePasswordHasher):

Incredibly insecure algorithm that you should never use; stores unsalted MD5 hashes without the algorithm prefix, also accepts MD5 hashes with an empty salt.

This class is implemented because Django used to store passwords this way and to accept such password hashes. Some older Django installs still have these values lingering around so we need to handle and upgrade them properly.

Method	`decode`	Return a decoded database value.
Method	`encode`	Create an encoded database value.
Method	`harden_runtime`	Bridge the runtime gap between the work factor supplied in `encoded` and the work factor suggested by this hasher.
Method	`safe_summary`	Return a summary of safe values.
Method	`salt`	Generate a cryptographically secure nonce salt in ASCII with an entropy of at least `salt_entropy` bits.
Method	`verify`	Check if the given password is correct.
Class Variable	`algorithm`	Undocumented

Inherited from BasePasswordHasher:

Method	`_check_encode_args`	Undocumented
Method	`_load_library`	Undocumented
Method	`must_update`	Undocumented
Class Variable	`library`	Undocumented
Class Variable	`salt_entropy`	Undocumented

def decode(self, encoded):

overrides django.contrib.auth.hashers.BasePasswordHasher.decode

Return a decoded database value.

The result is a dictionary and should contain algorithm, hash, and salt. Extra keys can be algorithm specific like iterations or work_factor.

def encode(self, password, salt):

overrides django.contrib.auth.hashers.BasePasswordHasher.encode

Create an encoded database value.

The result is normally formatted as "algorithm$salt$hash" and must be fewer than 128 characters.

def harden_runtime(self, password, encoded):

overrides django.contrib.auth.hashers.BasePasswordHasher.harden_runtime

Bridge the runtime gap between the work factor supplied in encoded and the work factor suggested by this hasher.

Taking PBKDF2 as an example, if encoded contains 20000 iterations and self.iterations is 30000, this method should run password through another 10000 iterations of PBKDF2. Similar approaches should exist for any hasher that has a work factor. If not, this method should be defined as a no-op to silence the warning.

def safe_summary(self, encoded):

overrides django.contrib.auth.hashers.BasePasswordHasher.safe_summary

Return a summary of safe values.

The result is a dictionary and will be used where the password field must be displayed to construct a safe representation of the password.

def salt(self):

overrides django.contrib.auth.hashers.BasePasswordHasher.salt

Generate a cryptographically secure nonce salt in ASCII with an entropy of at least salt_entropy bits.

def verify(self, password, encoded):

overrides django.contrib.auth.hashers.BasePasswordHasher.verify

Check if the given password is correct.

algorithm: str =

overrides django.contrib.auth.hashers.BasePasswordHasher.algorithm

Undocumented