From c3b973b15e888263f6ca8538a72e39280a77ac3e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Alexis=20M=C3=A9taireau?= <alexis@notmyidea.org>
Date: Fri, 5 Jan 2018 22:57:31 +0100
Subject: Do not enforce a check on sha256 hash algorithm.

This makes it inconsistent with our own generated passwords. Only check
that the password has been hashed.

Fixes #310.
---
 ihatemoney/run.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'ihatemoney/run.py')

diff --git a/ihatemoney/run.py b/ihatemoney/run.py
index e3a7c1e..b431cb4 100644
--- a/ihatemoney/run.py
+++ b/ihatemoney/run.py
@@ -89,7 +89,7 @@ def validate_configuration(app):
         if 'MAIL_DEFAULT_SENDER' not in app.config:
             app.config['MAIL_DEFAULT_SENDER'] = default_settings.DEFAULT_MAIL_SENDER
 
-    if "pbkdf2:sha256:" not in app.config['ADMIN_PASSWORD'] and app.config['ADMIN_PASSWORD']:
+    if "pbkdf2:" not in app.config['ADMIN_PASSWORD'] and app.config['ADMIN_PASSWORD']:
         # Since 2.0
         warnings.warn(
             "The way Ihatemoney stores your ADMIN_PASSWORD has changed. You are using an unhashed"
-- 
cgit v1.1