#28660 closed Cleanup/optimization (wontfix)
Remove CryptPasswordHasher
Reported by: | Mads Jensen | Owned by: | Uman Shahzad |
---|---|---|---|
Component: | contrib.auth | Version: | dev |
Severity: | Normal | Keywords: | hasher crypt password |
Cc: | Triage Stage: | Unreviewed | |
Has patch: | yes | Needs documentation: | no |
Needs tests: | no | Patch needs improvement: | no |
Easy pickings: | no | UI/UX: | no |
Description
It's not documented, and is no longer included in any default settings, and the doc string says it may not be available on all platforms. There's a single test in tests/auth_tests/test_hashers.py
for it.
Change History (4)
comment:1 by , 7 years ago
Owner: | changed from | to
---|---|
Status: | new → assigned |
comment:3 by , 7 years ago
It is documented here: https://docs.djangoproject.com/en/1.11/topics/auth/passwords/#included-hashers
I'm not seeing a pressing reason to remove this hasher, which may be used for compatibility with existing password databases.
If there's a decision to remove it, that should go through a deprecation path.
comment:4 by , 7 years ago
Resolution: | → wontfix |
---|---|
Status: | assigned → closed |
I agree -- unless a discussion on the DevelopersMailingList yields a consensus that the original use case in #3316 in obsolete, this hasher doesn't have much maintenance cost and it's better for there to be a canonical implementation rather than requiring users to implement it themselves.