Skip to content

Commit

Permalink
version 2.1.0
Browse files Browse the repository at this point in the history
  • Loading branch information
miguelgrinberg committed Sep 28, 2013
1 parent 13075ec commit d4cf53d
Show file tree
Hide file tree
Showing 2 changed files with 16 additions and 2 deletions.
16 changes: 15 additions & 1 deletion docs/index.rst
Original file line number Diff line number Diff line change
Expand Up @@ -48,6 +48,13 @@ If the passwords are stored hashed in the user database then an additional callb

When the ``hash_password`` callback is provided access will be granted when ``get_password(username) == hash_password(password)``.

If the hashing algorithm requires the username to be known then the callback can take two arguments instead of one::

@auth.hash_password
def hash_pw(username, password):
get_salt(username)
return hash(password, salt)

Digest authentication example
-----------------------------

Expand Down Expand Up @@ -100,12 +107,19 @@ API Documentation

.. method:: hash_password(hash_password_callback)

*Optional*. If defined, this callback function will be called by the framework to apply a custom hashing algorithm to the password provided by the client. If this callback isn't provided the password will be checked unchanged. Example::
*Optional*. If defined, this callback function will be called by the framework to apply a custom hashing algorithm to the password provided by the client. If this callback isn't provided the password will be checked unchanged. The callback can take one or two arguments. The one argument version receives the password to hash, while the two argument version receives the username and the password in that order. Example single argument callback::

@auth.hash_password
def hash_password(password):
return md5(password).hexdigest()

Example two argument callback::

@auth.hash_password
def hash_pw(username, password):
get_salt(username)
return hash(password, salt)

.. method:: error_handler(error_callback)

*Optional*. If defined, this callback function will be called by the framework when it is necessary to send an authentication error back to the client. The return value from this function can be the body of the response as a string or it can also be a response object created with `make_response`. If this callback isn't provided a default error response is generated. Example::
Expand Down
2 changes: 1 addition & 1 deletion setup.py
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,7 @@

setup(
name='Flask-HTTPAuth',
version='2.0.0',
version='2.1.0',
url='http://github.com/miguelgrinberg/flask-httpauth/',
license='MIT',
author='Miguel Grinberg',
Expand Down

0 comments on commit d4cf53d

Please sign in to comment.