Last night I took the opportunity to upgrade all of getsentry.com to
Django 1.5. While most things were fairly trivial to sort out, we hit one less obvious (and pretty critical) bug
during the migration surrounding django-bcrypt.
This bug would only present itself if you’ve transitioned from older versions of Django, and therefore have passwords
in the database using the custom algorithm. Specifically, you’ll have passwords in your user’s table that look something
The fix is actually fairly simple, and just requires you to define a slightly custom legacy backend for django-bcrypt:
Once you’ve defined the backend, the rest is as simple as adding it to your list of password hashers: