Use Argon2 password hashing.

This commit is contained in:
Josh Washburne 2019-01-16 10:11:41 -05:00
parent 0a686f48f3
commit 1a95c323d4
2 changed files with 10 additions and 0 deletions

View file

@ -1,7 +1,10 @@
argon2-cffi>=18.3.0
cffi>=1.11.5
dj-database-url>=0.5.0
Django>=2.1.5
django-authtools>=1.6.0
djangorestframework>=3.9.0
psycopg2>=2.7.6.1
pycparser>=2.19
python-decouple>=3.1
pytz>=2018.9

View file

@ -59,6 +59,13 @@ MIDDLEWARE = [
'django.middleware.clickjacking.XFrameOptionsMiddleware',
]
PASSWORD_HASHERS = [
'django.contrib.auth.hashers.Argon2PasswordHasher',
'django.contrib.auth.hashers.PBKDF2PasswordHasher',
'django.contrib.auth.hashers.PBKDF2SHA1PasswordHasher',
'django.contrib.auth.hashers.BCryptSHA256PasswordHasher',
]
ROOT_URLCONF = 'savepointradio.urls'
SECRET_KEY = config('SECRET_KEY')