-
Notifications
You must be signed in to change notification settings - Fork 3.8k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Fixing django 2.1 probs in student management commands #23587
Conversation
bulk_change_enrollment requires one of agrs: org or course to be set for it to function correctly.
Starting with django 2.1, the function is_password_usable no longer checks whether encode is a valid password created by a django hasher(hasher in PASSWORD_HASHERS setting) Adding this function to create constant behavior as we upgrade django versions
jenkins run django21 python |
Your PR has finished running tests. There were no failures. |
EdX Release Notice: This PR has been deployed to the staging environment in preparation for a release to production. |
EdX Release Notice: This PR has been deployed to the production environment. |
EdX Release Notice: This PR has been deployed to the staging environment in preparation for a release to production. |
EdX Release Notice: This PR has been deployed to the production environment. |
This PR fixes two probs:
for it to function correctly.
User.has_usable_password() and the is_password_usable() function no longer return False if the password is None or an empty string, or if the password uses a hasher that’s not in the PASSWORD_HASHERS setting. This undocumented behavior was a regression in Django 1.6 and prevented users with such passwords from requesting a password reset. Audit your code to confirm that your usage of these APIs don’t rely on the old behavior.
I was unsure as to whether the initial_password_hash really needed the verification of being hashed by PAWWROD_HASHERS, but, I decided to be conservative and preserve existing behavior by creating a new function that performs all the functionality that was removed in django 2.1.