Dont use settings secretkey for password resets

2025-12-14 14:52:15 +00:00 · 2010-03-24 11:10:30 +00:00
parent f47917ac26
commit 87bb8e37fb
1 changed files with 1 additions and 2 deletions
--- a/sso/services/jabber/xmppclient.py
+++ b/sso/services/jabber/xmppclient.py
@@ -2,7 +2,6 @@ import time
 import xmpp 
 import random
 import hashlib
-import settings

 class JabberAdmin():
    """ Adds a jabber user to a remote Jabber server """
@@ -128,7 +127,7 @@ class JabberAdmin():
        except:
            return False

-        pass = hashlib.sha1('%s%s%s' % (username, settings.SECRET_KEY, random.randint(0, 2147483647))).hexdigest()
+        pass = hashlib.sha1('%s%s%s' % (username, random.randint(0, 2147483647))).hexdigest()
        if self.resetpassword(username, pass):
            return self.kickuser(username)
        else: