From 1a95c323d4c5976924b564829e16cec60505b284 Mon Sep 17 00:00:00 2001
From: Josh Washburne <recursive.green@gmail.com>
Date: Wed, 16 Jan 2019 10:11:41 -0500
Subject: [PATCH] Use Argon2 password hashing.

---
 requirements.txt                               | 3 +++
 savepointradio/savepointradio/settings/base.py | 7 +++++++
 2 files changed, 10 insertions(+)

diff --git a/requirements.txt b/requirements.txt
index d4b4571..1d1641e 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -1,7 +1,10 @@
+argon2-cffi>=18.3.0
+cffi>=1.11.5
 dj-database-url>=0.5.0
 Django>=2.1.5
 django-authtools>=1.6.0
 djangorestframework>=3.9.0
 psycopg2>=2.7.6.1
+pycparser>=2.19
 python-decouple>=3.1
 pytz>=2018.9
diff --git a/savepointradio/savepointradio/settings/base.py b/savepointradio/savepointradio/settings/base.py
index a6d91d7..169b1c2 100644
--- a/savepointradio/savepointradio/settings/base.py
+++ b/savepointradio/savepointradio/settings/base.py
@@ -59,6 +59,13 @@ MIDDLEWARE = [
     'django.middleware.clickjacking.XFrameOptionsMiddleware',
 ]
 
+PASSWORD_HASHERS = [
+    'django.contrib.auth.hashers.Argon2PasswordHasher',
+    'django.contrib.auth.hashers.PBKDF2PasswordHasher',
+    'django.contrib.auth.hashers.PBKDF2SHA1PasswordHasher',
+    'django.contrib.auth.hashers.BCryptSHA256PasswordHasher',
+]
+
 ROOT_URLCONF = 'savepointradio.urls'
 
 SECRET_KEY = config('SECRET_KEY')