Challenge length is now configurable
This commit is contained in:
parent
7b024282e9
commit
0ad15c6277
13
AUTHORS.rst
13
AUTHORS.rst
|
@ -1,13 +1,6 @@
|
|||
=======
|
||||
Credits
|
||||
=======
|
||||
|
||||
Development Lead
|
||||
----------------
|
||||
============
|
||||
Contributors
|
||||
============
|
||||
|
||||
* Gonçalo Valério <gon@ovalerio.net>
|
||||
|
||||
Contributors
|
||||
------------
|
||||
|
||||
* Guy Willett - https://github.com/guywillett
|
||||
|
|
|
@ -40,7 +40,7 @@ Quickstart
|
|||
|
||||
INSTALLED_APPS = (
|
||||
...
|
||||
'django_cryptolock.apps.DjangoCryptolockConfig',
|
||||
"django_cryptolock.apps.DjangoCryptolockConfig",
|
||||
...
|
||||
)
|
||||
|
||||
|
|
|
@ -41,4 +41,5 @@ def verify_bitcoin_signature(
|
|||
|
||||
def generate_challenge():
|
||||
"""Generates a new random challenge for the authentication."""
|
||||
return token_hex(8)
|
||||
num_bytes = getattr(settings, "DJCL_CHALLENGE_BYTES", 16)
|
||||
return token_hex(num_bytes)
|
||||
|
|
|
@ -8,7 +8,7 @@ To use Django-Cryptolock in a project, add it to your `INSTALLED_APPS`:
|
|||
|
||||
INSTALLED_APPS = (
|
||||
...
|
||||
'django_cryptolock.apps.DjangoCryptolockConfig',
|
||||
"django_cryptolock.apps.DjangoCryptolockConfig",
|
||||
...
|
||||
)
|
||||
|
||||
|
@ -21,6 +21,9 @@ Now you should add the auth backend you wish to use on your project. You can use
|
|||
"django_cryptolock.backends.MoneroAddressBackend",
|
||||
]
|
||||
|
||||
Required Configuration
|
||||
----------------------
|
||||
|
||||
If you use Monero, currently the following extra settings are required:
|
||||
|
||||
.. code-block:: python
|
||||
|
@ -37,6 +40,17 @@ For Bitcoin, you only need to set the ``DJCL_BITCOIN_NETWORK``:
|
|||
|
||||
DJCL_BITCOIN_NETWORK = "mainnet" # mainnet or testnet
|
||||
|
||||
Optional Configuration
|
||||
----------------------
|
||||
|
||||
``DJCL_CHALLENGE_BYTES`` can be used to customize the challenge length. The
|
||||
default is ``16`` and you should avoid lower values unless you know what you
|
||||
are doing.
|
||||
|
||||
|
||||
Using the default forms and views
|
||||
---------------------------------
|
||||
|
||||
Add Django-Cryptolock's URL patterns:
|
||||
|
||||
.. code-block:: python
|
||||
|
@ -55,9 +69,9 @@ This will add 2 routes :
|
|||
* ``django_cryptolock:signup``
|
||||
* ``django_cryptolock:login``
|
||||
|
||||
For usega within you templates. For specific auth pages you can create the
|
||||
template files (``login.html`` and ``signup.html``) under a
|
||||
``django_cryptolock`` subfolder.
|
||||
You can then customize the generated HTML by creating the template files
|
||||
(``login.html`` and ``signup.html``) under a ``django_cryptolock`` subfolder in
|
||||
your templates directory.
|
||||
|
||||
Both of these templates will have access to a ``form```containing the required
|
||||
Both of these templates will have access to a ``form`` containing the required
|
||||
fields for the authentication.
|
||||
|
|
|
@ -4,6 +4,13 @@ from model_mommy import mommy
|
|||
from django_cryptolock.utils import generate_challenge
|
||||
|
||||
|
||||
def test_challenge_has_8_bytes():
|
||||
def test_challenge_has_default_byte_len():
|
||||
challenge = generate_challenge()
|
||||
assert len(bytes.fromhex(challenge)) == 8
|
||||
assert len(bytes.fromhex(challenge)) == 16
|
||||
|
||||
|
||||
@pytest.mark.parametrize("length", (8, 16, 32, 64))
|
||||
def test_challenge_has_custom_byte_len(length, settings):
|
||||
settings.DJCL_CHALLENGE_BYTES = length
|
||||
challenge = generate_challenge()
|
||||
assert len(bytes.fromhex(challenge)) == length
|
||||
|
|
Loading…
Reference in New Issue