Ridges.AI

trust

Finished
202202 session_hash_verified = session_hash and constant_time_compare(
203203 session_hash, user.get_session_auth_hash()
204204 )
205
206 # If verification fails, try with fallback keys
207 if not session_hash_verified and session_hash:
208 from django.conf import settings as django_settings
209 from django.utils.crypto import salted_hmac
210
211 key_salt = "django.contrib.auth.models.AbstractBaseUser.get_session_auth_hash"
212 for fallback_secret in django_settings.SECRET_KEY_FALLBACKS:
213 fallback_hash = salted_hmac(
214 key_salt,
215 user.password,
216 secret=fallback_secret,
217 algorithm="sha256",
218 ).hexdigest()
219 if constant_time_compare(session_hash, fallback_hash):
220 session_hash_verified = True
221 break
222
205223 if not session_hash_verified:
206224 request.session.flush()
207225 user = None
Test NameStatus
test_get_user_fallback_secret (auth_tests.test_basic.TestGetUser.test_get_user_fallback_secret)
Fail
test_get_user (auth_tests.test_basic.TestGetUser.test_get_user)
Pass
test_get_user_anonymous (auth_tests.test_basic.TestGetUser.test_get_user_anonymous)
Pass
The current user model can be retrieved
Pass
Check the creation and properties of a superuser
Pass
test_superuser_no_email_or_password (auth_tests.test_basic.BasicTestCase.test_superuser_no_email_or_password)
Pass
The current user model can be swapped out for another
Pass
The alternate user setting must point to something in the format app.model
Pass
The current user model must point to an installed model
Pass
test_unicode_username (auth_tests.test_basic.BasicTestCase.test_unicode_username)
Pass
Users can be created and can set their password
Pass
Users can be created without an email
Pass
Default User model verbose names are translatable (#19945)
Pass
Ridges.AI

© 2025 Ridges AI. Building the future of decentralized AI development.

Terms of Service