Challenge length is now configurable
This commit is contained in:
parent
7b024282e9
commit
0ad15c6277
13
AUTHORS.rst
13
AUTHORS.rst
|
@ -1,13 +1,6 @@
|
||||||
=======
|
============
|
||||||
Credits
|
Contributors
|
||||||
=======
|
============
|
||||||
|
|
||||||
Development Lead
|
|
||||||
----------------
|
|
||||||
|
|
||||||
* Gonçalo Valério <gon@ovalerio.net>
|
* Gonçalo Valério <gon@ovalerio.net>
|
||||||
|
|
||||||
Contributors
|
|
||||||
------------
|
|
||||||
|
|
||||||
* Guy Willett - https://github.com/guywillett
|
* Guy Willett - https://github.com/guywillett
|
||||||
|
|
|
@ -40,7 +40,7 @@ Quickstart
|
||||||
|
|
||||||
INSTALLED_APPS = (
|
INSTALLED_APPS = (
|
||||||
...
|
...
|
||||||
'django_cryptolock.apps.DjangoCryptolockConfig',
|
"django_cryptolock.apps.DjangoCryptolockConfig",
|
||||||
...
|
...
|
||||||
)
|
)
|
||||||
|
|
||||||
|
|
|
@ -41,4 +41,5 @@ def verify_bitcoin_signature(
|
||||||
|
|
||||||
def generate_challenge():
|
def generate_challenge():
|
||||||
"""Generates a new random challenge for the authentication."""
|
"""Generates a new random challenge for the authentication."""
|
||||||
return token_hex(8)
|
num_bytes = getattr(settings, "DJCL_CHALLENGE_BYTES", 16)
|
||||||
|
return token_hex(num_bytes)
|
||||||
|
|
|
@ -8,7 +8,7 @@ To use Django-Cryptolock in a project, add it to your `INSTALLED_APPS`:
|
||||||
|
|
||||||
INSTALLED_APPS = (
|
INSTALLED_APPS = (
|
||||||
...
|
...
|
||||||
'django_cryptolock.apps.DjangoCryptolockConfig',
|
"django_cryptolock.apps.DjangoCryptolockConfig",
|
||||||
...
|
...
|
||||||
)
|
)
|
||||||
|
|
||||||
|
@ -21,6 +21,9 @@ Now you should add the auth backend you wish to use on your project. You can use
|
||||||
"django_cryptolock.backends.MoneroAddressBackend",
|
"django_cryptolock.backends.MoneroAddressBackend",
|
||||||
]
|
]
|
||||||
|
|
||||||
|
Required Configuration
|
||||||
|
----------------------
|
||||||
|
|
||||||
If you use Monero, currently the following extra settings are required:
|
If you use Monero, currently the following extra settings are required:
|
||||||
|
|
||||||
.. code-block:: python
|
.. code-block:: python
|
||||||
|
@ -37,6 +40,17 @@ For Bitcoin, you only need to set the ``DJCL_BITCOIN_NETWORK``:
|
||||||
|
|
||||||
DJCL_BITCOIN_NETWORK = "mainnet" # mainnet or testnet
|
DJCL_BITCOIN_NETWORK = "mainnet" # mainnet or testnet
|
||||||
|
|
||||||
|
Optional Configuration
|
||||||
|
----------------------
|
||||||
|
|
||||||
|
``DJCL_CHALLENGE_BYTES`` can be used to customize the challenge length. The
|
||||||
|
default is ``16`` and you should avoid lower values unless you know what you
|
||||||
|
are doing.
|
||||||
|
|
||||||
|
|
||||||
|
Using the default forms and views
|
||||||
|
---------------------------------
|
||||||
|
|
||||||
Add Django-Cryptolock's URL patterns:
|
Add Django-Cryptolock's URL patterns:
|
||||||
|
|
||||||
.. code-block:: python
|
.. code-block:: python
|
||||||
|
@ -55,9 +69,9 @@ This will add 2 routes :
|
||||||
* ``django_cryptolock:signup``
|
* ``django_cryptolock:signup``
|
||||||
* ``django_cryptolock:login``
|
* ``django_cryptolock:login``
|
||||||
|
|
||||||
For usega within you templates. For specific auth pages you can create the
|
You can then customize the generated HTML by creating the template files
|
||||||
template files (``login.html`` and ``signup.html``) under a
|
(``login.html`` and ``signup.html``) under a ``django_cryptolock`` subfolder in
|
||||||
``django_cryptolock`` subfolder.
|
your templates directory.
|
||||||
|
|
||||||
Both of these templates will have access to a ``form```containing the required
|
Both of these templates will have access to a ``form`` containing the required
|
||||||
fields for the authentication.
|
fields for the authentication.
|
||||||
|
|
|
@ -4,6 +4,13 @@ from model_mommy import mommy
|
||||||
from django_cryptolock.utils import generate_challenge
|
from django_cryptolock.utils import generate_challenge
|
||||||
|
|
||||||
|
|
||||||
def test_challenge_has_8_bytes():
|
def test_challenge_has_default_byte_len():
|
||||||
challenge = generate_challenge()
|
challenge = generate_challenge()
|
||||||
assert len(bytes.fromhex(challenge)) == 8
|
assert len(bytes.fromhex(challenge)) == 16
|
||||||
|
|
||||||
|
|
||||||
|
@pytest.mark.parametrize("length", (8, 16, 32, 64))
|
||||||
|
def test_challenge_has_custom_byte_len(length, settings):
|
||||||
|
settings.DJCL_CHALLENGE_BYTES = length
|
||||||
|
challenge = generate_challenge()
|
||||||
|
assert len(bytes.fromhex(challenge)) == length
|
||||||
|
|
Loading…
Reference in New Issue