h$[SSKrSSKrSSKrSSKrSSKrSSKrSSKrSSKJr SSK J r SSK J r SSK Jr SSKJrJrJrJr SSKJr SSKJr S rS rS rS'S jrS(S jrS(SjrS(Sjr\R@S5r!\R@S5r"\"\ 5S5r#S'Sjr$Sr%S)Sjr&Sr'"SS5r("SS\(5r)"SS\)5r*"SS\(5r+"SS \(5r,"S!S"\,5r-"S#S$\(5r."S%S&\(5r/g)*N)settings)ImproperlyConfigured)setting_changed)receiver)RANDOM_STRING_CHARSconstant_time_compareget_random_stringpbkdf2) import_string) gettext_noop!(cLUSL=(d UR[5(+$)zj Return True if this password wasn't generated by User.set_unusable_password(), i.e. make_password(None). N) startswithUNUSABLE_PASSWORD_PREFIX)encodeds M/var/www/html/env/lib/python3.13/site-packages/django/contrib/auth/hashers.pyis_password_usablers" d? N'"4"45M"NNNcUSL=(d [U5(+n[U5n[U5nU(a[ [ [ 55 gWRUR:gnU=(d URU5nURX5nU(dU(dU(aURX5 Xv4$![a SnNf=f)z Return two booleans. The first is whether the raw password matches the three part encoded digest, and the second whether to regenerate the password. NT)FF) r get_hasheridentify_hasher ValueError make_passwordr UNUSABLE_PASSWORD_SUFFIX_LENGTH algorithm must_updateverifyharden_runtime)passwordr preferred fake_runtimehasherhasher_changedr is_corrects rverify_passwordr&$s t#F+=g+F'FL9%I )  '(GHI%%)<)<L  v1 NrcV[5Vs0sHoRU_M sn$s snfN)r?r)r#s rget_hashers_by_algorithmrBs%3>= A=  f $= AA As&c bUS:Xa)[R5 [R5 gg)Nr9)r? cache_clearrB)settingkwargss r reset_hashersrGs($$! ,,.%rc[US5(aU$US:Xa [5S$[5nX$![a [ SU-5ef=f)z Return an instance of a loaded password hasher. If algorithm is 'default', return the default hasher. Lazily import hashers specified in the project's settings file if needed. rdefaultrz\Unknown password hashing algorithm '%s'. Did you specify it in the PASSWORD_HASHERS setting?)hasattrr?rBKeyErrorr)rr<s rrrsmy+&& i }Q+, % % &'  s 6Ac [U5S:XaSU;d%[U5S:XaURS5(aSnO=[U5S:XaURS5(aSnOURSS 5S n[U5$) z Return an instance of a loaded password hasher. Identify hasher algorithm by examining encoded hash, and call get_hasher() to return hasher. Raise ValueError if algorithm cannot be identified, or if hasher is not loaded. $%zmd5$$ unsalted_md5.zsha1$$ unsalted_sha1r)lenrsplitr)rrs rrrsy G s'1 G w11'::" W  2 28 < <# MM#q)!, i  rc4USUnX2[XS5-- nU$)z{ Return the given hash, with only the first ``show`` number shown. The rest are masked with ``char`` for security reasons. N)rT)hashshowcharmaskeds r mask_hashr[s* %4[F Se%%%F Mrcf[U5[R"[[55-U:$rA)rTmathlog2r)r6expected_entropys rmust_update_saltr`s& t9tyy%8!9: :=M MMrcZ\rSrSrSrSrSrSrSrSr Sr Sr S r S r S rS rS rSrg)BasePasswordHasherz Abstract base class for password hashers When creating your own hasher, you need to override algorithm, verify(), encode() and safe_summary(). PasswordHasher objects are immutable. NcURbY[UR[[45(aURupO URn[R "U5nU$[SURR-5e![ a,n[SURR<SU<35eSnAff=f)NzCouldn't load z algorithm library: z-Hasher %r doesn't specify a library attribute) libraryr0tuplelist importlib import_module ImportErrorr __class____name__)selfnamemod_pathmodulees r _load_library BasePasswordHasher._load_librarys << #$,, 66!%h<< "00: M ;dnn>U>U U    ~~..3 sB B?'B::B?c[R"UR[R"[ [ 55- 5n[ U[ S9$)zj Generate a cryptographically secure nonce salt in ASCII with an entropy of at least `salt_entropy` bits. ) allowed_chars)r]ceil salt_entropyr^rTrr )rn char_counts rr6BasePasswordHasher.salts:YYt00499SAT=U3VVW  ;NOOrc[S5e)z'Check if the given password is correct.z?subclasses of BasePasswordHasher must provide a verify() methodNotImplementedErrorrnr rs rrBasePasswordHasher.verifys! M  rcPUc [S5eU(aSU;a [S5eg)Nzpassword must be provided.rNz+salt must be provided and cannot contain $.)r3rrnr r6s r_check_encode_args%BasePasswordHasher._check_encode_argss.  89 9sd{JK K#rc[S5e)z Create an encoded database value. The result is normally formatted as "algorithm$salt$hash" and must be fewer than 128 characters. z@subclasses of BasePasswordHasher must provide an encode() methodr|rs rr7BasePasswordHasher.encodes" N  rc[S5e)z Return a decoded database value. The result is a dictionary and should contain `algorithm`, `hash`, and `salt`. Extra keys can be algorithm specific like `iterations` or `work_factor`. z@subclasses of BasePasswordHasher must provide a decode() method.r|rnrs rdecodeBasePasswordHasher.decode s" N  rc[S5e)z Return a summary of safe values. The result is a dictionary and will be used where the password field must be displayed to construct a safe representation of the password. zEsubclasses of BasePasswordHasher must provide a safe_summary() methodr|rs r safe_summaryBasePasswordHasher.safe_summarys" S  rcg)NFrs rrBasePasswordHasher.must_update$src0[R"S5 g)a Bridge the runtime gap between the work factor supplied in `encoded` and the work factor suggested by this hasher. Taking PBKDF2 as an example, if `encoded` contains 20000 iterations and `self.iterations` is 30000, this method should run password through another 10000 iterations of PBKDF2. Similar approaches should exist for any hasher that has a work factor. If not, this method should be defined as a no-op to silence the warning. zIsubclasses of BasePasswordHasher should provide a harden_runtime() methodN)warningswarnr~s rr!BasePasswordHasher.harden_runtime's  W rr)rm __module__r5__firstlineno____doc__rrfrxrsr6rrr7rrrr__static_attributes__rrrrbrbsGIGL $P L        rrbc`\rSrSrSrSrSr\Rr S Sjr Sr Sr S r S rS rS rg)PBKDF2PasswordHasheri7z Secure password hashing using the PBKDF2 algorithm (recommended) Configured to use PBKDF2 + HMAC + SHA256. The result is a 64 byte binary string. Iterations may be changed safely but you must rename the algorithm if you change SHA256. pbkdf2_sha256ipF NcURX5 U=(d URn[XX0RS9n[R "U5R S5R5nSURX2U4-$)N)digestasciiz %s$%d$%s$%s) r iterationsr rbase64 b64encoderstripr)rnr r6rrWs rr7PBKDF2PasswordHasher.encodeDsh /24?? hjE%,,W5;;= $GGGrcnURSS5up#pEX R:XdeUU[U5US.$)NrN)rrWrr6rUrint)rnrrrr6rWs rrPBKDF2PasswordHasher.decodeKsA,3MM#q,A) tNN***"j/   rcjURU5nURXSUS5n[X$5$Nr6rrr7rrnr rdecoded encoded_2s rrPBKDF2PasswordHasher.verifyUs4++g&KK&/7<;PQ $W88rc URU5n[S5US[S5US[S5[US5[S5[US50$)Nrrr6rWr_r[rnrrs rr!PBKDF2PasswordHasher.safe_summaryZsZ++g& kNGK0 lOW\2 fIy1 fIy1   rcURU5n[USUR5nUSUR:g=(d U$r)rr`rxr)rnrr update_salts rr PBKDF2PasswordHasher.must_updatecs?++g&&wv8I8IJ  %8H[HrcURU5nURUS- nUS:aURXSU5 gg)Nrrr6)rrr7)rnr rrextra_iterationss rr#PBKDF2PasswordHasher.harden_runtimehsD++g&??W\-BB a  KK&/3C D rrrA)rmrr5rrrrhashlibsha256rr7rrrrrrrrrrr7s= IJ ^^FH 9  I Errc4\rSrSrSrSr\RrSr g)PBKDF2SHA1PasswordHasherioz Alternate PBKDF2 hasher which uses SHA1, the default PRF recommended by PKCS #5. This is compatible with other implementations of PBKDF2, such as openssl's PKCS5_PBKDF2_HMAC_SHA1(). pbkdf2_sha1rN) rmrr5rrrrsha1rrrrrrrosI \\FrrcV\rSrSrSrSrSrSrSrSr Sr Sr S r S r S rS rS rSrg)Argon2PasswordHasheri{z Secure password hashing using the argon2 algorithm. This is the winner of the Password Hashing Competition 2013-2015 (https://password-hashing.net). It requires the argon2-cffi library which depends on native C code and might cause portability issues. argon2ic XUR5nUR5nURRUR 5UR 5UR UR URURURS9nURURS5-$)N) time_cost memory_cost parallelismhash_lenr4r) rsparams low_level hash_secretr7rrrrr4rr)rnr r6rrdatas rr7Argon2PasswordHasher.encodes##%++ OO  KKM&&****__, ~~ G 444rc UR5nURSS5up4X0R:XdeURSU-5nURS5GtpgpUS[ U5*S--- n[ R "U5RS5n UU URURU URUURUS. $)NrNrS=latin1) rrWrrr6rvarietyversionr) rsrUrextract_parametersrTr b64decoderrrrr) rnrrrrestrrrb64saltrWr6s rrArgon2PasswordHasher.decodes##%!--Q/ NN*****3:6%)ZZ_"W33w<-!+,,(//9"!--!--))~~  rcUR5nURSS5upEX@R:XdeUR5R SU-U5$!UR R a gf=f)NrNrSF)rsrUrPasswordHasherr exceptionsVerificationError)rnr rrrrs rrArgon2PasswordHasher.verifysu##%!--Q/ NN*** ((*11#*hG G  22  s"AA76A7c,URU5n[S5US[S5US[S5US[S5US[S5US[S5US[S 5[US 5[S 5[US 50$) Nrrrz memory costrz time costrrr6rWrrs rr!Argon2PasswordHasher.safe_summarys++g& kNGK0 iL'), iL'), m gm4 kNGK0 m gm4 fIy1 fIy1  rcURU5nUSnUR5nURUl[USUR5nX4:g=(d U$)Nrr6)rrsalt_lenr`rx)rnrrcurrent_params new_paramsrs rr Argon2PasswordHasher.must_updatesY++g& *[[] -55 &wv8I8IJ ,<??rc~URSS5up#pEnX R:XdeUUUSSUSS[U5S.$)NrNr)ralgostrchecksumr6 work_factorr)rnrremptyrrrs rr!BCryptSHA256PasswordHasher.decodesS7>}}S!7L4 'NN***"RS "I{+   rcURSS5up4X0R:XdeURXRS55n[X%5$)NrNrSr)rUrr7r)rnr rrrrs rr!BCryptSHA256PasswordHasher.verify sF!--Q/ NN***KK++g*>? $W88rc URU5n[S5US[S5US[S5[US5[S5[US50$)Nr work factorrr6rrrs rr'BCryptSHA256PasswordHasher.safe_summarys\++g& kNGK0 m gm4 fIy1 jM9WZ%89   rcHURU5nUSUR:g$)Nr)rrrs rr&BCryptSHA256PasswordHasher.must_updates$++g&}%44rcURSS5up4USSnURS5SnSUR[U5- -S- nUS:a.URXRS55 US-nUS:aM-gg)NrNrSrrr)rUrrr7)rnr rrrr6rdiffs rr)BCryptSHA256PasswordHasher.harden_runtimes{--Q'CRyC#T[[3v;./!3Qh KK++g"6 7 AIDQhrrN)rmrr5rrrrrrrfrr6r7rrrrrrrrrrrsE I ^^F"G F+ @  9  5rrc \rSrSrSrSrSrSrg)BCryptPasswordHasheri)a Secure password hashing using the bcrypt algorithm This is considered by many to be the most secure algorithm but you must first install the bcrypt library. Please be warned that this library depends on native C code and might cause portability issues. This hasher does not first hash the password which means it is subject to bcrypt's 72 bytes password truncation. Most use cases should prefer the BCryptSHA256PasswordHasher. rNr)rmrr5rrrrrrrrrr)s I FrrcT\rSrSrSrSrSrSrSrSr SS jr S r S r S r S rSrSrg)ScryptPasswordHasheri;z5 Secure password hashing using the Scrypt algorithm. scryptrri@Nc URX5 U=(d URnU=(d URnU=(d URn[R "UR 5UR 5UUUURSS9n[R"U5RS5R5nSURX2XEU4-$)N@)r6nrpmaxmemdklenrz%s$%d$%s$%d$%d$%s) rr block_sizerrrr7rrrrrr)rnr r6rrrhash_s rr7ScryptPasswordHasher.encodeFs / !!!  !!! OO ;;   '..w7==?"dnnaqU%KKKrcURSS5up#pEpgX R:XdeU[U5U[U5[U5US.$)NrN)rrr6rrrWr)rnrrrr6rrrs rrScryptPasswordHasher.decodeWsYGN}} H D +NN***"{+j/{+   rc|URU5nURUUSUSUSUS5n[X$5$)Nr6rrrrrs rrScryptPasswordHasher.verifyesM++g&KK  FO M " L ! M "  %W88rcURU5n[S5US[S5US[S5US[S5US[S5[US5[S5[US50$) Nrr rz block sizerrr6rWrrs rr!ScryptPasswordHasher.safe_summarypsx++g& kNGK0 m gm4 lOW\2 m gm4 fIy1 fIy1   rcURU5nUSUR:g=(d+ USUR:g=(d USUR:g$)Nrrr)rrrrrs rr ScryptPasswordHasher.must_update{sV++g& M "d&6&6 6 :|$7 :}%)9)99 rcgrArr~s rr#ScryptPasswordHasher.harden_runtimerrr)NNN)rmrr5rrrrrrrr7rrrrrrrrrrr;sAIJ FKKL"   9    rrc@\rSrSrSrSrSrSrSrSr Sr S r S r g ) MD5PasswordHasheriz= The Salted MD5 password hashing algorithm (not recommended) md5cURX5 [R"X!-R55R 5nUR <SU<SU<3$)NrN)rrr.r7 hexdigestr)rnr r6rWs rr7MD5PasswordHasher.encodesC /{{DO3356@@B!^^T488rcZURSS5up#nX R:XdeUUUS.$)NrNr)rrWr6)rUr)rnrrr6rWs rrMD5PasswordHasher.decodes: ' c1 5 NN***"  rcbURU5nURXS5n[X$5$Nr6rrs rrMD5PasswordHasher.verifys-++g&KK&/: $W88rc URU5n[S5US[S5[USSS9[S5[US50$)Nrr6r)rXrWrrs rrMD5PasswordHasher.safe_summarysN++g& kNGK0 fIyq9 fIy1  rcVURU5n[USUR5$r5)rr`rxrs rrMD5PasswordHasher.must_updates'++g&1B1BCCrcgrArr~s rr MD5PasswordHasher.harden_runtimes rrN) rmrr5rrrr7rrrrrrrrrr-r-s-I9  9  D rr-)rI)NrI)r"*)0rr functoolsrrir]r django.confrdjango.core.exceptionsrdjango.core.signalsrdjango.dispatchrdjango.utils.cryptorrr r django.utils.module_loadingr django.utils.translationr rrrrr&r,r.r lru_cacher?rBrGrrr[r`rbrrrrrrr-rrrrGs9   7/$ 66 O!#H ),    BB /// 2!,N h h V5E-5Ep 3 c -c LE!3EP5$K -K \' *' r