From 8fd5b6ee01ef885b5ba185969c16ef45625be0ce Mon Sep 17 00:00:00 2001
From: Yohann D'ANELLO <ynerant@crans.org>
Date: Wed, 8 Sep 2021 17:07:07 +0200
Subject: [PATCH] Fix safe summary for old passwords hashes from NK15 in Django
 Admin

Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
---
 apps/member/hashers.py | 16 +++++++++++++++-
 1 file changed, 15 insertions(+), 1 deletion(-)

diff --git a/apps/member/hashers.py b/apps/member/hashers.py
index 69db24b0..a72ed94b 100644
--- a/apps/member/hashers.py
+++ b/apps/member/hashers.py
@@ -2,10 +2,12 @@
 # SPDX-License-Identifier: GPL-3.0-or-later
 
 import hashlib
+from collections import OrderedDict
 
 from django.conf import settings
-from django.contrib.auth.hashers import PBKDF2PasswordHasher
+from django.contrib.auth.hashers import PBKDF2PasswordHasher, mask_hash
 from django.utils.crypto import constant_time_compare
+from django.utils.translation import gettext_lazy as _
 from note_kfet.middlewares import get_current_request
 
 
@@ -47,6 +49,18 @@ class CustomNK15Hasher(PBKDF2PasswordHasher):
             return constant_time_compare(hashlib.sha256((salt + password).encode("utf-8")).hexdigest(), db_hashed_pass)
         return super().verify(password, encoded)
 
+    def safe_summary(self, encoded):
+        # Displayed information in Django Admin.
+        if '|' in encoded:
+            salt, db_hashed_pass = encoded.split('$')[2].split('|')
+            return OrderedDict([
+                    (_('algorithm'), 'custom_nk15'),
+                    (_('iterations'), '1'),
+                    (_('salt'), mask_hash(salt)),
+                    (_('hash'), mask_hash(db_hashed_pass)),
+            ])
+        return super().safe_summary(encoded)
+
 
 class DebugSuperuserBackdoor(PBKDF2PasswordHasher):
     """
-- 
GitLab