mirrors/django
1
0
Fork 0
mirror of https://github.com/django/django.git synced 2025-10-27 07:36:08 +00:00
Code Issues 32 Releases Wiki Activity

Fixed #19354 -- Do not assume usermodel.pk == usermodel.id

Browse Source 
Thanks markteisman at hotmail.com for the report.
This commit is contained in:
Claude Paroz
2012-11-24 18:25:42 +01:00
parent d913a8b412
commit 0eeae15056
9 changed files with 14 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
django/contrib/auth/tokens.py
View File

@@ -58,7 +58,7 @@ class PasswordResetTokenGenerator(object):
# Ensure results are consistent across DB backends
login_timestamp = user.last_login.replace(microsecond=0, tzinfo=None)
value = (six.text_type(user.id) + user.password +
value = (six.text_type(user.pk) + user.password +
six.text_type(login_timestamp) + six.text_type(timestamp))
hash = salted_hmac(key_salt, value).hexdigest()[::2]
return "%s-%s" % (ts_b36, hash)