Ticket #3 (assigned enhancement)

Opened 4 years ago

Last modified 3 years ago

Password Encoding

Reported by: william Owned by: william
Priority: major Milestone:
Component: Core Features Version: 1.0
Keywords: Cc:

Description (last modified by william) (diff)

No longer store passwords to the TurtolCMS in plain text, instead use md5. If a login occurs and the password is not encoded, encode it, save, and then log the user in. This will allow un-encoded passwords to be updated properly.

Change History

Changed 4 years ago by william

  • milestone changed from 0.5.16 to 0.5.17

Changed 4 years ago by william

  • owner changed from william to turtol

Changed 4 years ago by william

  • owner changed from turtol to william
  • status changed from new to assigned

Changed 4 years ago by william

  • description modified (diff)

Changed 4 years ago by william

  • version changed from 0.x to 1.0
  • milestone changed from 0.6 - "Kookie Kalendar" to 1.0 - "Holy Crap, it's an application platform"

Related to assets, pushing to 1.0 for cleaner implementation.

NOTES: Pre-pend password with an indicator, such as "{md5}-", to indicate it has been hashed and to allow for multiple hashing methods. Use hexdigest instead of digest, md5.new(password).hexdigest().

Changed 3 years ago by anonymous

  • milestone 1.0 - "Holy Crap, it's an application platform" deleted

Milestone 1.0 - "Holy Crap, it's an application platform" deleted

Note: See TracTickets for help on using tickets.