CODEWITHSUNDEEP
django
Al W
Al W

Reputation: 7713

Upgrading from Django 1.3 to 1.5

I'd like to upgrade an existing application to a more recent version of django. In 1.4 they changed the password hashing algorithm such that all my old passwords will no longer match when people try to login. Is there some way to upgrade but not require users to reset their passwords?

Upvotes: 2

Views: 242

Answers (2)

Fernando Freitas Alves
Fernando Freitas Alves

Reputation: 3777

I did the same upgrade last month and Django passwords still fully functional. The changes I made are basically in generic views( now all generic views are class based) , The logging in settings.py was changed and I have to put a ALLOWED_HOSTS list. For example: ALLOWED_HOSTS = ['.stackoverflow.com']

Particularly, I changed my urls calls cause I was using named urls without quotes in url tags and it's no longed supported by django. The right way is like this: {% url 'name_of_the_view' arg1 arg2%}

I suggest you to create another environment and try use django 1.5 just making this small changes.

Upvotes: 1

dnozay
dnozay

Reputation: 24314

according to https://docs.djangoproject.com/en/dev/topics/auth/passwords/#auth-password-storage it will still check everything as usual.

if you are worried about storing everything as SHA1 by default, then put the hasher first in the list (this is not recommended though).

# settings.py
PASSWORD_HASHERS = (
    'django.contrib.auth.hashers.SHA1PasswordHasher',
    'django.contrib.auth.hashers.PBKDF2PasswordHasher',
    ...
)

if you need to check for yourself, you can consider using virtualenv with the newer django==1.5 package and create a dummy project/app connected to the same database to try it out. If you have admin privileges and already use the admin interface, you can use that to login there.

Upvotes: 3

Related Questions