From c3b973b15e888263f6ca8538a72e39280a77ac3e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Alexis=20M=C3=A9taireau?=
Date: Fri, 5 Jan 2018 22:57:31 +0100
Subject: Do not enforce a check on sha256 hash algorithm. This makes it inconsistent with our own generated passwords. Only check that the password has been hashed. Fixes #310.
---
 CHANGELOG.rst | 1 +
 ihatemoney/run.py | 2 +-
 2 files changed, 2 insertions(+), 1 deletion(-)
diff --git a/CHANGELOG.rst b/CHANGELOG.rst
index 44c2641..d256bec 100644
--- a/CHANGELOG.rst
+++ b/CHANGELOG.rst
@@ -10,6 +10,7 @@ Fixed
 =====
 - Fix the generation of the supervisord template (#306)
+- Fix the validation of the hashed password (#310)
 2.0 (2017-12-27)
diff --git a/ihatemoney/run.py b/ihatemoney/run.py
index e3a7c1e..b431cb4 100644
--- a/ihatemoney/run.py
+++ b/ihatemoney/run.py
@@ -89,7 +89,7 @@ def validate_configuration(app):
 if 'MAIL_DEFAULT_SENDER' not in app.config:
 app.config['MAIL_DEFAULT_SENDER'] = default_settings.DEFAULT_MAIL_SENDER
- if "pbkdf2:sha256:" not in app.config['ADMIN_PASSWORD'] and app.config['ADMIN_PASSWORD']:
+ if "pbkdf2:" not in app.config['ADMIN_PASSWORD'] and app.config['ADMIN_PASSWORD']:
 # Since 2.0
 warnings.warn(
 "The way Ihatemoney stores your ADMIN_PASSWORD has changed. You are using an unhashed"
-- cgit v1.1
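Review bot: The relaxed test on the added line in ihatemoney/run.py is a substring match, so an ADMIN_PASSWORD that merely contains `pbkdf2:` anywhere, including a plaintext value, is treated as already hashed and skips the warning. Anchoring it to the start of the value is tighter: `if app.config['ADMIN_PASSWORD'] and not app.config['ADMIN_PASSWORD'].startswith("pbkdf2:"):`, which also puts the emptiness test first so that an unset value (None, if the config allows it) never reaches the string operation. With the digest name dropped, a weaker PBKDF2 variant or a very low iteration count now passes silently, so a comment such as `# Only the scheme prefix is checked here, not the digest or iteration count` would make that limit explicit. validate_configuration starts and ends outside the hunk, so what follows the warning is not visible here.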