mirror of
https://github.com/wassname/flask-security.git
synced 2026-07-05 17:30:14 +08:00
Add error for bad configuration
This commit is contained in:
@@ -80,6 +80,12 @@ def logout_user():
|
||||
def get_hmac(password):
|
||||
if _security.password_hash == 'plaintext':
|
||||
return password
|
||||
|
||||
if _security.password_salt is None:
|
||||
raise RuntimeError('The configuration value `SECURITY_PASSWORD_SALT` '
|
||||
'must not be None when the value of `SECURITY_PASSWORD_HASH` is '
|
||||
'set to "%s"' % _security.password_hash)
|
||||
|
||||
h = hmac.new(_security.password_salt, password, hashlib.sha512)
|
||||
return base64.b64encode(h.digest())
|
||||
|
||||
|
||||
@@ -204,7 +204,6 @@ class ConfiguredSecurityTests(SecurityTest):
|
||||
AUTH_CONFIG = {
|
||||
'SECURITY_PASSWORD_HASH': 'bcrypt',
|
||||
'SECURITY_PASSWORD_SALT': 'so-salty',
|
||||
'SECURITY_PASSWORD_HMAC': True,
|
||||
'SECURITY_REGISTERABLE': True,
|
||||
'SECURITY_LOGOUT_URL': '/custom_logout',
|
||||
'SECURITY_LOGIN_URL': '/custom_login',
|
||||
@@ -262,6 +261,16 @@ class ConfiguredSecurityTests(SecurityTest):
|
||||
self.assertEquals('Basic realm="Custom Realm"', r.headers['WWW-Authenticate'])
|
||||
|
||||
|
||||
class BadConfiguredSecurityTests(SecurityTest):
|
||||
|
||||
AUTH_CONFIG = {
|
||||
'SECURITY_PASSWORD_HASH': 'bcrypt',
|
||||
}
|
||||
|
||||
def test_bad_configuration_raises_runtimer_error(self):
|
||||
self.assertRaises(RuntimeError, self.authenticate)
|
||||
|
||||
|
||||
class RegisterableTests(SecurityTest):
|
||||
AUTH_CONFIG = {
|
||||
'SECURITY_REGISTERABLE': True
|
||||
|
||||
Reference in New Issue
Block a user