Ticket #10265: token.patch

File token.patch, 1.3 KB (added by crucialfelix@…, 16 years ago)
  • contrib/auth/tokens.py

     
    5252        # We limit the hash to 20 chars to keep URL short
    5353        from django.utils.hashcompat import sha_constructor
    5454        hash = sha_constructor(settings.SECRET_KEY + unicode(user.id) +
    55                                user.password + unicode(user.last_login) +
     55                               user.password + user.last_login.strftime('%Y-%m-%d %H:%M:%S') +
    5656                               unicode(timestamp)).hexdigest()[::2]
    5757        return "%s-%s" % (ts_b36, hash)
    5858
  • contrib/auth/tests/tokens.py

     
    88>>> p0.check_token(u, tk1)
    99True
    1010
     11>>> u = User.objects.create_user('comebackkid', 'test3@example.com', 'testpw')
     12>>> p0 = PasswordResetTokenGenerator()
     13>>> tk1 = p0.make_token(u)
     14>>> reload = User.objects.get(username='comebackkid')
     15>>> tk2 = p0.make_token(reload)
     16>>> tk1 == tk2
     17True
     18
    1119Tests to ensure we can use the token after n days, but no greater.
    1220Use a mocked version of PasswordResetTokenGenerator so we can change
    1321the value of 'today'
Back to Top