Changeset 75ccc48 for remit/manage.py

Timestamp:
Jun 15, 2014, 9:42:51 PM (11 years ago)
Author:
Alex Dehnert <adehnert@…>
Branches:
master
Children:
ff623c3
Parents:
5c334f6
git-author:
Alex Dehnert <adehnert@…> (06/15/14 17:51:08)
git-committer:
Alex Dehnert <adehnert@…> (06/15/14 21:42:51)
Message:

Django 1.6: Handle the removal of UNUSABLE_PASSWORD

Django 1.6 (specifically, ticket #20079) replaced a fixed UNUSABLE_PASSWORD
with a prefix followed by a random suffix, to avoid password reset attacks.
This updates the a migration to do the same.

While in theory we could do a better job of (e.g.) using different random
passwords per-user, it's unlikely that the migration will ever impact a user --
new installs won't have any users with bad passwords, and old installs have
probably already run the migration (esp.mit.edu, the only site I know of using
SocketAuth?, already seems to have).

(No files)

Note: See TracChangeset for help on using the changeset viewer.