From 39931077cc7f4d09f53198f4f276573150c9745d Mon Sep 17 00:00:00 2001
From: Tanner Collin <git@tannercollin.com>
Date: Tue, 7 Jan 2020 08:04:18 +0000
Subject: [PATCH] Upgrade password hashing to Argon2

---
 apiserver/apiserver/settings.py | 8 ++++++++
 apiserver/requirements.txt      | 3 +++
 2 files changed, 11 insertions(+)

diff --git a/apiserver/apiserver/settings.py b/apiserver/apiserver/settings.py
index c0f7d35..65a55d7 100644
--- a/apiserver/apiserver/settings.py
+++ b/apiserver/apiserver/settings.py
@@ -112,6 +112,14 @@ AUTH_PASSWORD_VALIDATORS = [
     },
 ]
 
+PASSWORD_HASHERS = [
+    'django.contrib.auth.hashers.Argon2PasswordHasher',
+    'django.contrib.auth.hashers.PBKDF2PasswordHasher',
+    'django.contrib.auth.hashers.PBKDF2SHA1PasswordHasher',
+    'django.contrib.auth.hashers.BCryptSHA256PasswordHasher',
+]
+
+
 
 # Internationalization
 # https://docs.djangoproject.com/en/3.0/topics/i18n/
diff --git a/apiserver/requirements.txt b/apiserver/requirements.txt
index 8bb6919..3ed66bc 100644
--- a/apiserver/requirements.txt
+++ b/apiserver/requirements.txt
@@ -1,8 +1,11 @@
+argon2-cffi==19.2.0
 asgiref==3.2.3
+cffi==1.13.2
 Django==3.0.2
 django-rest-auth==0.9.5
 djangorestframework==3.11.0
 pkg-resources==0.0.0
+pycparser==2.19
 pytz==2019.3
 six==1.13.0
 sqlparse==0.3.0