1
0
mirror of https://github.com/django/django.git synced 2024-12-22 09:05:43 +00:00

Fixed #33764 -- Deprecated BaseUserManager.make_random_password().

This commit is contained in:
Ciaran McCormick 2022-06-02 14:40:20 +01:00 committed by Mariusz Felisiak
parent a3a1290d47
commit 286e7d076c
6 changed files with 24 additions and 1 deletions

View File

@ -209,6 +209,7 @@ answer newbie questions, and generally made Django that much better:
Chris Wagner <cw264701@ohio.edu>
Chris Wesseling <Chris.Wesseling@cwi.nl>
Chris Wilson <chris+github@qwirx.com>
Ciaran McCormick <ciaran@ciaranmccormick.com>
Claude Paroz <claude@2xlibre.net>
Clint Ecker
colin@owlfish.com

View File

@ -3,6 +3,7 @@ This module allows importing AbstractBaseUser even when django.contrib.auth is
not in INSTALLED_APPS.
"""
import unicodedata
import warnings
from django.contrib.auth import password_validation
from django.contrib.auth.hashers import (
@ -12,6 +13,7 @@ from django.contrib.auth.hashers import (
)
from django.db import models
from django.utils.crypto import get_random_string, salted_hmac
from django.utils.deprecation import RemovedInDjango51Warning
from django.utils.translation import gettext_lazy as _
@ -40,6 +42,11 @@ class BaseUserManager(models.Manager):
allowed_chars. The default value of allowed_chars does not have "I" or
"O" or letters and digits that look similar -- just to avoid confusion.
"""
warnings.warn(
"BaseUserManager.make_random_password() is deprecated.",
category=RemovedInDjango51Warning,
stacklevel=2,
)
return get_random_string(length, allowed_chars)
def get_by_natural_key(self, username):

View File

@ -15,6 +15,8 @@ about each item can often be found in the release notes of two versions prior.
See the :ref:`Django 4.2 release notes <deprecated-features-4.2>` for more
details on these changes.
* The ``BaseUserManager.make_random_password()`` method will be removed.
.. _deprecation-removed-in-5.0:
5.0

View File

@ -250,4 +250,7 @@ Features deprecated in 4.2
Miscellaneous
-------------
* ...
* The ``BaseUserManager.make_random_password()`` method is deprecated. See
`recipes and best practices
<https://docs.python.org/3/library/secrets.html#recipes-and-best-practices>`_
for using Python's :py:mod:`secrets` module to generate passwords.

View File

@ -772,6 +772,8 @@ utility methods:
.. method:: models.BaseUserManager.make_random_password(length=10, allowed_chars='abcdefghjkmnpqrstuvwxyzABCDEFGHJKLMNPQRSTUVWXYZ23456789')
.. deprecated:: 4.2
Returns a random password with the given length and given string of
allowed characters. Note that the default value of ``allowed_chars``
doesn't contain letters that can cause user confusion, including:

View File

@ -18,6 +18,8 @@ from django.db import connection, migrations
from django.db.migrations.state import ModelState, ProjectState
from django.db.models.signals import post_save
from django.test import SimpleTestCase, TestCase, TransactionTestCase, override_settings
from django.test.utils import ignore_warnings
from django.utils.deprecation import RemovedInDjango51Warning
from .models import CustomEmailField, IntegerUsernameUser
@ -164,6 +166,7 @@ class UserManagerTestCase(TransactionTestCase):
is_staff=False,
)
@ignore_warnings(category=RemovedInDjango51Warning)
def test_make_random_password(self):
allowed_chars = "abcdefg"
password = UserManager().make_random_password(5, allowed_chars)
@ -171,6 +174,11 @@ class UserManagerTestCase(TransactionTestCase):
for char in password:
self.assertIn(char, allowed_chars)
def test_make_random_password_warning(self):
msg = "BaseUserManager.make_random_password() is deprecated."
with self.assertWarnsMessage(RemovedInDjango51Warning, msg):
UserManager().make_random_password()
def test_runpython_manager_methods(self):
def forwards(apps, schema_editor):
UserModel = apps.get_model("auth", "User")