urls: Support sha256-based tokens - patchwork - Unnamed repository; edit this file 'description' to name the repository.

diff options

author	Stephen Finucane <stephen@that.guru>	2021-02-20 12:22:08 +0000
committer	Stephen Finucane <stephen@that.guru>	2021-02-20 14:10:06 +0000
commit	8d988f15b8a3c433aa385de7e5ba5129fdba4f40 (patch)
tree	5afd038312cbe9774e8d1d0f001c68922f164049 /manage.py
parent	d11ac34e9f0f2a86901ed74da27fa7a2df109728 (diff)
download	patchwork-8d988f15b8a3c433aa385de7e5ba5129fdba4f40.tar patchwork-8d988f15b8a3c433aa385de7e5ba5129fdba4f40.tar.gz

urls: Support sha256-based tokens

Django 3.1 changed the default hashing algorithm used for things like password reset tokens from SHA-1 to SHA-256. As noted in the release notes [1], this is configurable via the 'DEFAULT_HASHING_ALGORITHM' transitional setting, but that's only intended to allow upgrades of multiple instances in a HA deployment and shouldn't be used post upgrade. Instead, we need to fix our URLs to support the longer tokens generated by SHA-256. Long term, we want to replace these regex-based routes with the simpler flask-style template string routes. That's not really backportable so we'll do that separately. [1] https://docs.djangoproject.com/en/3.1/releases/3.1/#default-hashing-algorithm-settings Signed-off-by: Stephen Finucane <stephen@that.guru> Closes: #394

Diffstat (limited to 'manage.py')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: