将密码从 Drupal 7 迁移到 Django [英] Migrate passwords from Drupal 7 to Django

问题描述

我正在将一个站点从 Drupal 7 迁移到 Django 1.4，包括当前用户.我如何使用由 Drupal 散列的密码?

I am migrating a site from Drupal 7 to Django 1.4, including the current users. How can I work with the passwords that were hashed by Drupal?

根据this，Drupal使用 SHA-512 的 7 个哈希密码(它们以字符串的形式存储，以$S$"开头).

According to this, Drupal 7 hashes passwords using SHA-512 (they are stored in the form of a string starting with "$S$").

Django 1.4 现在包含许多用于存储密码的选项，包括SHA-256 的默认值，但我找不到 SHA-512 的选项.虽然 这个应用 似乎允许使用 SHA2 算法，但我不确定它是否与 Django 兼容1.4(因为 1.4 有一个灵活的密码哈希器).

Django 1.4 now contains a number of options for storing passwords, with a default of SHA-256, but I can't find an option for SHA-512. While this app appears to allow the use of SHA2 algorithms, I'm not sure it's compatible with Django 1.4 (as 1.4 has a flexible password hasher).

最简单的方法是什么?

ETA:我已经构建了一个密码哈希器，它模仿 Drupal 的算法并使迁移变得容易.由于我已经接受了一个答案，我不会不接受，但是对于将来想要将 Drupal 迁移到 Django 的任何人，代码存储在 Django 片段 和 >.

ETA: I've built a password hasher that mimics Drupal's algorithm and makes migration easy. Since I've already accepted an answer, I won't unaccept, but for anyone who wants to do Drupal to Django migration in the future, the code is stored on Django snippets and as a GitHub gist.

推荐答案

我对 Drupal 不是很了解，但我想密码是以散列形式存储的.如果是这种情况，您将不得不复制密码(我的意思是，将它们原封不动地复制)并且您必须更改 Django 散列密码的方式，使用与 Drupal 完全相同的方式，使用相同的安全盐.

I don't know Drupal very well, but I suppose that the passwords are stored hashed. If that's the case, you'll have to copy the passwords (I mean, copy them unchanged) and you'll have to change the way Django hashes its passwords, using the exactly same way of Drupal, with the same Security Salt.

我真的不知道该怎么做，但是密码的逻辑包含在 User 对象中.例如.User.set_password() 函数(描述了 此处) 使用make_password 函数.

I really don't know how to do that, but the logic for passwords is contained in the User object. For example. the User.set_password() function (described here) uses the make_password function.

我想通过一些研究你会找到改变它的方法，但重要的是，记住函数必须是相等的！即:

I think with a little research you'll find the way to change it, but the important thing is, remember that the functions must be equals! ie:

drupal_hash(x) == django_hash(x) 对于允许的密码集中的每个 x.

drupal_hash(x) == django_hash(x) for every x in the allowed passwords set.

深入了解 django 使用 get_hasher 函数.现在在 1.4 版本中，有一种方法可以指定 Django 如何选择该函数.看看这个:https://docs.djangoproject.com/en/dev/topics/auth/#how-django-stores-passwords

Taking a deeper look django get the has function with the get_hasher function. Now in the 1.4 version there's a way to specify how Django will select that function. Take a look at this: https://docs.djangoproject.com/en/dev/topics/auth/#how-django-stores-passwords

最后，为了创建自己的函数，你可以在MD5PasswordHasher.看起来真的很简单.您可以使用 hashlib python 库来生成 sha-512 算法.

Finally, in order to create your own function, you can take a look at how it's done on the MD5PasswordHasher. It seems really simple. You can use the hashlib python library to generate sha-512 algorithms.

改变编码方法需要类似的东西:

Changing the encode method would require somthing similar to:

def encode(self, password, salt):
    assert password
    assert salt and '$' not in salt
    hash = hashlib.sha512(salt + password).hexdigest()
    return "%s$%s$%s" % (self.algorithm, salt, hash)

这篇关于将密码从 Drupal 7 迁移到 Django的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！