Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Django issue with argon2 hasher in live production

Tags:

python

django

So I have just setup my Digital Ocean droplet (server) and have been working to get this site to work, however I have been coming across error after error. I finally got the site to load the login page (which is what should happen), but when I login I get an error that Argon2 Pass Hasher couldn't load. I really have no idea what the problem is, as everything was working perfectly while in development.

Here is the error:

ValueError at /accounts/login/
Couldn't load 'Argon2PasswordHasher' algorithm library: No module named argon2

Here are my settings:

"""
Django settings for django_project project.

Generated by 'django-admin startproject' using Django 1.8.7.

For more information on this file, see
https://docs.djangoproject.com/en/1.8/topics/settings/

For the full list of settings and their values, see
https://docs.djangoproject.com/en/1.8/ref/settings/
"""

# Build paths inside the project like this: os.path.join(BASE_DIR, ...)
import os

BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__)))
TEMPLATE_DIR = os.path.join(BASE_DIR, 'templates')
MEDIA_DIR = os.path.join(BASE_DIR, 'media')


# Quick-start development settings - unsuitable for production
# See https://docs.djangoproject.com/en/1.8/howto/deployment/checklist/

# SECURITY WARNING: keep the secret key used in production secret!
SECRET_KEY = 'h&*(yq942_a^pa+ty&wh(bl9s4d#z^*_6cmeb#5&49jb^r$&!f'

# SECURITY WARNING: don't run with debug turned on in production!
DEBUG = True

ALLOWED_HOSTS = []


# Application definition

INSTALLED_APPS = (
    'django.contrib.admin',
    'django.contrib.auth',
    'django.contrib.contenttypes',
    'django.contrib.sessions',
    'django.contrib.messages',
    'django.contrib.staticfiles',
    'django.contrib.sites',

    'users',
    'feed',
    'blog',

    'allauth',
    'allauth.account',
    'allauth.socialaccount',
)

MIDDLEWARE_CLASSES = (
    'django.contrib.sessions.middleware.SessionMiddleware',
    'django.middleware.common.CommonMiddleware',
    'django.middleware.csrf.CsrfViewMiddleware',
    'django.contrib.auth.middleware.AuthenticationMiddleware',
    'django.contrib.auth.middleware.SessionAuthenticationMiddleware',
    'django.contrib.messages.middleware.MessageMiddleware',
    'django.middleware.clickjacking.XFrameOptionsMiddleware',
    'django.middleware.security.SecurityMiddleware',
)

ROOT_URLCONF = 'django_project.urls'

TEMPLATES = [
    {
        'BACKEND': 'django.template.backends.django.DjangoTemplates',
        'DIRS': [],
        'APP_DIRS': True,
        'OPTIONS': {
            'context_processors': [
                'django.template.context_processors.debug',
                'django.template.context_processors.request',
                'django.contrib.auth.context_processors.auth',
                'django.contrib.messages.context_processors.messages',
            ],
        },
    },
]

WSGI_APPLICATION = 'django_project.wsgi.application'


# Database
# https://docs.djangoproject.com/en/1.8/ref/settings/#databases

DATABASES = {
    'default': {
        'ENGINE': 'django.db.backends.sqlite3',
        'NAME': os.path.join(BASE_DIR, 'db.sqlite3'),
    }
}

# Password validation
# https://docs.djangoproject.com/en/1.11/ref/settings/#auth-password-validators

PASSWORD_HASHERS = [
    'django.contrib.auth.hashers.Argon2PasswordHasher',
    'django.contrib.auth.hashers.BCryptSHA256PasswordHasher',
    'django.contrib.auth.hashers.BCryptPasswordHasher',
    'django.contrib.auth.hashers.PBKDF2PasswordHasher',
    'django.contrib.auth.hashers.PBKDF2SHA1PasswordHasher',
]


# Internationalization
# https://docs.djangoproject.com/en/1.8/topics/i18n/

LANGUAGE_CODE = 'en-us'

TIME_ZONE = 'UTC'

USE_I18N = True

USE_L10N = True

USE_TZ = True

SITE_ID = 1


# Static files (CSS, JavaScript, Images)
# https://docs.djangoproject.com/en/1.8/howto/static-files/

STATIC_URL = '/static/'
STATIC_ROOT = '/static/'
STATIC_DIR = os.path.join(BASE_DIR,'static')

STATICFILES_DIRS = [
    STATIC_DIR,
]


#MEDIA
MEDIA_ROOT = MEDIA_DIR
MEDIA_URL = '/media/'


LOGIN_URL = '/user_login'

# settings
ACCOUNT_AUTHENTICATION_METHOD = 'username_email'

ACCOUNT_USERNAME_REQUIRED = True
ACCOUNT_UNIQUE_USERNAME =True
ACCOUNT_SIGNUP_EMAIL_ENTER_TWICE =False
ACCOUNT_SIGNUP_PASSWORD_ENTER_TWICE =True
ACCOUNT_EMAIL_CONFIRMATION_EXPIRE_DAYS =3
ACCOUNT_LOGIN_ATTEMPTS_LIMIT = 5
ACCOUNT_LOGOUT_ON_PASSWORD_CHANGE =True
ACCOUNT_SESSION_REMEMBER =None
ACCOUNT_ADAPTER ='allauth.account.adapter.DefaultAccountAdapter'

ACCOUNT_UNIQUE_EMAIL =True
# SOCIALACCOUNT_AUTO_SIGNUP =True

# SOCIALACCOUNT_EMAIL_REQUIRED ='ACCOUNT_EMAIL_REQUIRED'
# SOCIALACCOUNT_QUERY_EMAIL ='ACCOUNT_EMAIL_REQUIRED'


ACCOUNT_EMAIL_REQUIRED = True
ACCOUNT_EMAIL_CONFIRMATION_HMAC =True
ACCOUNT_EMAIL_VERIFICATION = 'none'
#ACCOUNT_EMAIL_VERIFICATION = 'optional'
#ACCOUNT_EMAIL_VERIFICATION = 'mandatory'


EMAIL_BACKEND = 'django.core.mail.backends.smtp.EmailBackend'
EMAIL_HOST = 'smtp.sendgrid.com'
EMAIL_HOST_PASSWORD = 'password'
EMAIL_HOST_USER = 'username'
EMAIL_PORT = 587
EMAIL_USE_TLS = True
DEFAULT_FROM_EMAIL = '[email protected]'



# Build paths inside the project like this: os.path.join(BASE_DIR, ...)
# Allow Django from all hosts. This snippet is installed from
# /var/lib/digitalocean/allow_hosts.py

import os
import netifaces

# Find out what the IP addresses are at run time
# This is necessary because otherwise Gunicorn will reject the connections
def ip_addresses():
    ip_list = []
    for interface in netifaces.interfaces():
        addrs = netifaces.ifaddresses(interface)
        for x in (netifaces.AF_INET, netifaces.AF_INET6):
            if x in addrs:
                ip_list.append(addrs[x][0]['addr'])
    return ip_list

# Discover our IP address
ALLOWED_HOSTS = ip_addresses()

Here is the traceback:

Traceback Switch to copy-and-paste view

/usr/local/lib/python2.7/dist-packages/django/core/handlers/exception.py in inner
            response = get_response(request) ...
▶ Local vars
/usr/local/lib/python2.7/dist-packages/django/core/handlers/base.py in _legacy_get_response
            response = self._get_response(request) ...
▶ Local vars
/usr/local/lib/python2.7/dist-packages/django/core/handlers/base.py in _get_response
                response = self.process_exception_by_middleware(e, request) ...
▶ Local vars
/usr/local/lib/python2.7/dist-packages/django/core/handlers/base.py in _get_response
                response = wrapped_callback(request, *callback_args, **callback_kwargs) ...
▶ Local vars
/usr/local/lib/python2.7/dist-packages/django/views/generic/base.py in view
            return self.dispatch(request, *args, **kwargs) ...
▶ Local vars
/usr/local/lib/python2.7/dist-packages/django/utils/decorators.py in _wrapper
            return bound_func(*args, **kwargs) ...
▶ Local vars
/usr/local/lib/python2.7/dist-packages/django/views/decorators/debug.py in sensitive_post_parameters_wrapper
            return view(request, *args, **kwargs) ...
▶ Local vars
/usr/local/lib/python2.7/dist-packages/django/utils/decorators.py in bound_func
                return func.__get__(self, type(self))(*args2, **kwargs2) ...
▶ Local vars
/home/django/django_project/allauth/account/views.py in dispatch
        return super(LoginView, self).dispatch(request, *args, **kwargs) ...
▶ Local vars
/home/django/django_project/allauth/account/views.py in dispatch
                                            **kwargs) ...
▶ Local vars
/usr/local/lib/python2.7/dist-packages/django/views/generic/base.py in dispatch
        return handler(request, *args, **kwargs) ...
▶ Local vars
/home/django/django_project/allauth/account/views.py in post
        if form.is_valid(): ...
▶ Local vars
/usr/local/lib/python2.7/dist-packages/django/forms/forms.py in is_valid
        return self.is_bound and not self.errors ...
▶ Local vars
/usr/local/lib/python2.7/dist-packages/django/forms/forms.py in errors
            self.full_clean() ...
▶ Local vars
/usr/local/lib/python2.7/dist-packages/django/forms/forms.py in full_clean
        self._clean_form() ...
▶ Local vars
/usr/local/lib/python2.7/dist-packages/django/forms/forms.py in _clean_form
            cleaned_data = self.clean() ...
▶ Local vars
/home/django/django_project/allauth/account/forms.py in clean
            **credentials) ...
▶ Local vars
/home/django/django_project/allauth/account/adapter.py in authenticate
        user = authenticate(request=request, **credentials) ...
▶ Local vars
/home/django/django_project/allauth/compat.py in authenticate
        return authenticate(request=request, **credentials) ...
▶ Local vars
/usr/local/lib/python2.7/dist-packages/django/contrib/auth/__init__.py in authenticate
            user = _authenticate_with_backend(backend, backend_path, request, credentials) ...
▶ Local vars
/usr/local/lib/python2.7/dist-packages/django/contrib/auth/__init__.py in _authenticate_with_backend
    return backend.authenticate(*args, **credentials) ...
▶ Local vars
/usr/local/lib/python2.7/dist-packages/django/contrib/auth/backends.py in authenticate
            if user.check_password(password) and self.user_can_authenticate(user): ...
▶ Local vars
/usr/local/lib/python2.7/dist-packages/django/contrib/auth/base_user.py in check_password
        return check_password(raw_password, self.password, setter) ...
▶ Local vars
/usr/local/lib/python2.7/dist-packages/django/contrib/auth/hashers.py in check_password
    must_update = hasher_changed or preferred.must_update(encoded) ...
▶ Local vars
/usr/local/lib/python2.7/dist-packages/django/contrib/auth/hashers.py in must_update
        argon2 = self._load_library() ...
▶ Local vars
/usr/local/lib/python2.7/dist-packages/django/contrib/auth/hashers.py in _load_library
                                 (self.__class__.__name__, e)) ...
▶ Local vars

Please help, this issue seems to be rather specific so I haven't been able to find very much on it...

like image 939
Garrett Avatar asked Sep 26 '17 02:09

Garrett


3 Answers

According to the documentation:

It was simple, I just had to run pip install django[argon2] on the server, which is equivalent to python -m pip install argon2-cffi.

like image 51
Garrett Avatar answered Nov 19 '22 00:11

Garrett


For me, it seems the latest version of argon2-cffi (20.1.0) fixed this issue. I was using 19.1.0 previously.

pip uninstall argon2-cffi
pip install argon2-cffi==20.1.0
like image 32
chaitan94 Avatar answered Nov 19 '22 02:11

chaitan94


I had the same problem, but when I used pip install django[argon2] I encountered with the following error:

no matches found: django[argon2]

However, I found out a solution:

python -m pip install argon2_cffi
python -m pip install -U cffi pip setuptools

In Python3:

python3 -m pip install argon2_cffi
python3 -m pip install -U cffi pip setuptools

More detailed

like image 5
Benyamin Jafari Avatar answered Nov 19 '22 01:11

Benyamin Jafari