Add error for bad configuration

This commit is contained in:
Matt Wright
2012-08-24 00:27:22 -04:00
parent bac04a0f3c
commit 23cc774f96
2 changed files with 16 additions and 1 deletions
+6
View File
@@ -80,6 +80,12 @@ def logout_user():
def get_hmac(password):
if _security.password_hash == 'plaintext':
return password
if _security.password_salt is None:
raise RuntimeError('The configuration value `SECURITY_PASSWORD_SALT` '
'must not be None when the value of `SECURITY_PASSWORD_HASH` is '
'set to "%s"' % _security.password_hash)
h = hmac.new(_security.password_salt, password, hashlib.sha512)
return base64.b64encode(h.digest())
+10 -1
View File
@@ -204,7 +204,6 @@ class ConfiguredSecurityTests(SecurityTest):
AUTH_CONFIG = {
'SECURITY_PASSWORD_HASH': 'bcrypt',
'SECURITY_PASSWORD_SALT': 'so-salty',
'SECURITY_PASSWORD_HMAC': True,
'SECURITY_REGISTERABLE': True,
'SECURITY_LOGOUT_URL': '/custom_logout',
'SECURITY_LOGIN_URL': '/custom_login',
@@ -262,6 +261,16 @@ class ConfiguredSecurityTests(SecurityTest):
self.assertEquals('Basic realm="Custom Realm"', r.headers['WWW-Authenticate'])
class BadConfiguredSecurityTests(SecurityTest):
AUTH_CONFIG = {
'SECURITY_PASSWORD_HASH': 'bcrypt',
}
def test_bad_configuration_raises_runtimer_error(self):
self.assertRaises(RuntimeError, self.authenticate)
class RegisterableTests(SecurityTest):
AUTH_CONFIG = {
'SECURITY_REGISTERABLE': True