aboutsummaryrefslogtreecommitdiff
path: root/COPYING
diff options
context:
space:
mode:
authorStephen Finucane <stephen@that.guru>2021-02-20 12:22:08 +0000
committerStephen Finucane <stephen@that.guru>2021-02-20 14:10:06 +0000
commit8d988f15b8a3c433aa385de7e5ba5129fdba4f40 (patch)
tree5afd038312cbe9774e8d1d0f001c68922f164049 /COPYING
parentd11ac34e9f0f2a86901ed74da27fa7a2df109728 (diff)
downloadpatchwork-8d988f15b8a3c433aa385de7e5ba5129fdba4f40.tar
patchwork-8d988f15b8a3c433aa385de7e5ba5129fdba4f40.tar.gz
urls: Support sha256-based tokens
Django 3.1 changed the default hashing algorithm used for things like password reset tokens from SHA-1 to SHA-256. As noted in the release notes [1], this is configurable via the 'DEFAULT_HASHING_ALGORITHM' transitional setting, but that's only intended to allow upgrades of multiple instances in a HA deployment and shouldn't be used post upgrade. Instead, we need to fix our URLs to support the longer tokens generated by SHA-256. Long term, we want to replace these regex-based routes with the simpler flask-style template string routes. That's not really backportable so we'll do that separately. [1] https://docs.djangoproject.com/en/3.1/releases/3.1/#default-hashing-algorithm-settings Signed-off-by: Stephen Finucane <stephen@that.guru> Closes: #394
Diffstat (limited to 'COPYING')
0 files changed, 0 insertions, 0 deletions