On Tue, Jul 1, 2014 at 1:27 PM, guillaume <guillaume.sueur@laposte.net> wrote:
> Hi Tom,
>
> Yes indeed, I know that page, but there is no way I can make it the same
> than the other one which relies on SHA256, some system key I don't know and
> a random salt. So there is no way for me to find the correct encryption for
> the remote database, that's why I want to use it's API registration system
> and feed it with the clear password.
You first post said you wanted to intercept the plain text password so
that you could supply it to a separate third party system that would
generate the hash.
This is what the hashing classes do. There are two functions you need
to implement:
encode(self, password, salt)
This function is given the plain text password and the salt, and
should return the encoded password for storage.
You can call your 3rd party system with those values in order to get
the encoded password.
verify(self, password, encoded)
This function is given the encoded password from the database, and the
plain text password as supplied by the user at login, and should
return whether the two are a match.
Again, this can call your 3rd party system in order to effect the verification.
Cheers
Tom
--
You received this message because you are subscribed to the Google Groups "Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to django-users+unsubscribe@googlegroups.com.
To post to this group, send email to django-users@googlegroups.com.
Visit this group at http://groups.google.com/group/django-users.
To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/CAFHbX1JBiyVYjtFxQ6HZCP4e52E8MPDvCYg4w8msq3BYMuJDhw%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment