實時生產中 argon2 hasher 的 Django 問題

Question

所以我剛剛設置了我的 Digital Ocean Droplet（服務器）並且一直在努力讓這個網站正常工作，但是我遇到了一個又一個錯誤。 我終於讓網站加載了登錄頁面（這是應該發生的），但是當我登錄時，我收到一個錯誤，Argon2 Pass Hasher 無法加載。 我真的不知道問題是什么，因為在開發過程中一切都運行良好。

這是錯誤：

ValueError at /accounts/login/
Couldn't load 'Argon2PasswordHasher' algorithm library: No module named argon2

這是我的設置：

"""
Django settings for django_project project.

Generated by 'django-admin startproject' using Django 1.8.7.

For more information on this file, see
https://docs.djangoproject.com/en/1.8/topics/settings/

For the full list of settings and their values, see
https://docs.djangoproject.com/en/1.8/ref/settings/
"""

# Build paths inside the project like this: os.path.join(BASE_DIR, ...)
import os

BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__)))
TEMPLATE_DIR = os.path.join(BASE_DIR, 'templates')
MEDIA_DIR = os.path.join(BASE_DIR, 'media')


# Quick-start development settings - unsuitable for production
# See https://docs.djangoproject.com/en/1.8/howto/deployment/checklist/

# SECURITY WARNING: keep the secret key used in production secret!
SECRET_KEY = 'h&*(yq942_a^pa+ty&wh(bl9s4d#z^*_6cmeb#5&49jb^r$&!f'

# SECURITY WARNING: don't run with debug turned on in production!
DEBUG = True

ALLOWED_HOSTS = []


# Application definition

INSTALLED_APPS = (
    'django.contrib.admin',
    'django.contrib.auth',
    'django.contrib.contenttypes',
    'django.contrib.sessions',
    'django.contrib.messages',
    'django.contrib.staticfiles',
    'django.contrib.sites',

    'users',
    'feed',
    'blog',

    'allauth',
    'allauth.account',
    'allauth.socialaccount',
)

MIDDLEWARE_CLASSES = (
    'django.contrib.sessions.middleware.SessionMiddleware',
    'django.middleware.common.CommonMiddleware',
    'django.middleware.csrf.CsrfViewMiddleware',
    'django.contrib.auth.middleware.AuthenticationMiddleware',
    'django.contrib.auth.middleware.SessionAuthenticationMiddleware',
    'django.contrib.messages.middleware.MessageMiddleware',
    'django.middleware.clickjacking.XFrameOptionsMiddleware',
    'django.middleware.security.SecurityMiddleware',
)

ROOT_URLCONF = 'django_project.urls'

TEMPLATES = [
    {
        'BACKEND': 'django.template.backends.django.DjangoTemplates',
        'DIRS': [],
        'APP_DIRS': True,
        'OPTIONS': {
            'context_processors': [
                'django.template.context_processors.debug',
                'django.template.context_processors.request',
                'django.contrib.auth.context_processors.auth',
                'django.contrib.messages.context_processors.messages',
            ],
        },
    },
]

WSGI_APPLICATION = 'django_project.wsgi.application'


# Database
# https://docs.djangoproject.com/en/1.8/ref/settings/#databases

DATABASES = {
    'default': {
        'ENGINE': 'django.db.backends.sqlite3',
        'NAME': os.path.join(BASE_DIR, 'db.sqlite3'),
    }
}

# Password validation
# https://docs.djangoproject.com/en/1.11/ref/settings/#auth-password-validators

PASSWORD_HASHERS = [
    'django.contrib.auth.hashers.Argon2PasswordHasher',
    'django.contrib.auth.hashers.BCryptSHA256PasswordHasher',
    'django.contrib.auth.hashers.BCryptPasswordHasher',
    'django.contrib.auth.hashers.PBKDF2PasswordHasher',
    'django.contrib.auth.hashers.PBKDF2SHA1PasswordHasher',
]


# Internationalization
# https://docs.djangoproject.com/en/1.8/topics/i18n/

LANGUAGE_CODE = 'en-us'

TIME_ZONE = 'UTC'

USE_I18N = True

USE_L10N = True

USE_TZ = True

SITE_ID = 1


# Static files (CSS, JavaScript, Images)
# https://docs.djangoproject.com/en/1.8/howto/static-files/

STATIC_URL = '/static/'
STATIC_ROOT = '/static/'
STATIC_DIR = os.path.join(BASE_DIR,'static')

STATICFILES_DIRS = [
    STATIC_DIR,
]


#MEDIA
MEDIA_ROOT = MEDIA_DIR
MEDIA_URL = '/media/'


LOGIN_URL = '/user_login'

# settings
ACCOUNT_AUTHENTICATION_METHOD = 'username_email'

ACCOUNT_USERNAME_REQUIRED = True
ACCOUNT_UNIQUE_USERNAME =True
ACCOUNT_SIGNUP_EMAIL_ENTER_TWICE =False
ACCOUNT_SIGNUP_PASSWORD_ENTER_TWICE =True
ACCOUNT_EMAIL_CONFIRMATION_EXPIRE_DAYS =3
ACCOUNT_LOGIN_ATTEMPTS_LIMIT = 5
ACCOUNT_LOGOUT_ON_PASSWORD_CHANGE =True
ACCOUNT_SESSION_REMEMBER =None
ACCOUNT_ADAPTER ='allauth.account.adapter.DefaultAccountAdapter'

ACCOUNT_UNIQUE_EMAIL =True
# SOCIALACCOUNT_AUTO_SIGNUP =True

# SOCIALACCOUNT_EMAIL_REQUIRED ='ACCOUNT_EMAIL_REQUIRED'
# SOCIALACCOUNT_QUERY_EMAIL ='ACCOUNT_EMAIL_REQUIRED'


ACCOUNT_EMAIL_REQUIRED = True
ACCOUNT_EMAIL_CONFIRMATION_HMAC =True
ACCOUNT_EMAIL_VERIFICATION = 'none'
#ACCOUNT_EMAIL_VERIFICATION = 'optional'
#ACCOUNT_EMAIL_VERIFICATION = 'mandatory'


EMAIL_BACKEND = 'django.core.mail.backends.smtp.EmailBackend'
EMAIL_HOST = 'smtp.sendgrid.com'
EMAIL_HOST_PASSWORD = 'password'
EMAIL_HOST_USER = 'username'
EMAIL_PORT = 587
EMAIL_USE_TLS = True
DEFAULT_FROM_EMAIL = 'support@yoursite.com'



# Build paths inside the project like this: os.path.join(BASE_DIR, ...)
# Allow Django from all hosts. This snippet is installed from
# /var/lib/digitalocean/allow_hosts.py

import os
import netifaces

# Find out what the IP addresses are at run time
# This is necessary because otherwise Gunicorn will reject the connections
def ip_addresses():
    ip_list = []
    for interface in netifaces.interfaces():
        addrs = netifaces.ifaddresses(interface)
        for x in (netifaces.AF_INET, netifaces.AF_INET6):
            if x in addrs:
                ip_list.append(addrs[x][0]['addr'])
    return ip_list

# Discover our IP address
ALLOWED_HOSTS = ip_addresses()

這是回溯：

Traceback Switch to copy-and-paste view

/usr/local/lib/python2.7/dist-packages/django/core/handlers/exception.py in inner
            response = get_response(request) ...
▶ Local vars
/usr/local/lib/python2.7/dist-packages/django/core/handlers/base.py in _legacy_get_response
            response = self._get_response(request) ...
▶ Local vars
/usr/local/lib/python2.7/dist-packages/django/core/handlers/base.py in _get_response
                response = self.process_exception_by_middleware(e, request) ...
▶ Local vars
/usr/local/lib/python2.7/dist-packages/django/core/handlers/base.py in _get_response
                response = wrapped_callback(request, *callback_args, **callback_kwargs) ...
▶ Local vars
/usr/local/lib/python2.7/dist-packages/django/views/generic/base.py in view
            return self.dispatch(request, *args, **kwargs) ...
▶ Local vars
/usr/local/lib/python2.7/dist-packages/django/utils/decorators.py in _wrapper
            return bound_func(*args, **kwargs) ...
▶ Local vars
/usr/local/lib/python2.7/dist-packages/django/views/decorators/debug.py in sensitive_post_parameters_wrapper
            return view(request, *args, **kwargs) ...
▶ Local vars
/usr/local/lib/python2.7/dist-packages/django/utils/decorators.py in bound_func
                return func.__get__(self, type(self))(*args2, **kwargs2) ...
▶ Local vars
/home/django/django_project/allauth/account/views.py in dispatch
        return super(LoginView, self).dispatch(request, *args, **kwargs) ...
▶ Local vars
/home/django/django_project/allauth/account/views.py in dispatch
                                            **kwargs) ...
▶ Local vars
/usr/local/lib/python2.7/dist-packages/django/views/generic/base.py in dispatch
        return handler(request, *args, **kwargs) ...
▶ Local vars
/home/django/django_project/allauth/account/views.py in post
        if form.is_valid(): ...
▶ Local vars
/usr/local/lib/python2.7/dist-packages/django/forms/forms.py in is_valid
        return self.is_bound and not self.errors ...
▶ Local vars
/usr/local/lib/python2.7/dist-packages/django/forms/forms.py in errors
            self.full_clean() ...
▶ Local vars
/usr/local/lib/python2.7/dist-packages/django/forms/forms.py in full_clean
        self._clean_form() ...
▶ Local vars
/usr/local/lib/python2.7/dist-packages/django/forms/forms.py in _clean_form
            cleaned_data = self.clean() ...
▶ Local vars
/home/django/django_project/allauth/account/forms.py in clean
            **credentials) ...
▶ Local vars
/home/django/django_project/allauth/account/adapter.py in authenticate
        user = authenticate(request=request, **credentials) ...
▶ Local vars
/home/django/django_project/allauth/compat.py in authenticate
        return authenticate(request=request, **credentials) ...
▶ Local vars
/usr/local/lib/python2.7/dist-packages/django/contrib/auth/__init__.py in authenticate
            user = _authenticate_with_backend(backend, backend_path, request, credentials) ...
▶ Local vars
/usr/local/lib/python2.7/dist-packages/django/contrib/auth/__init__.py in _authenticate_with_backend
    return backend.authenticate(*args, **credentials) ...
▶ Local vars
/usr/local/lib/python2.7/dist-packages/django/contrib/auth/backends.py in authenticate
            if user.check_password(password) and self.user_can_authenticate(user): ...
▶ Local vars
/usr/local/lib/python2.7/dist-packages/django/contrib/auth/base_user.py in check_password
        return check_password(raw_password, self.password, setter) ...
▶ Local vars
/usr/local/lib/python2.7/dist-packages/django/contrib/auth/hashers.py in check_password
    must_update = hasher_changed or preferred.must_update(encoded) ...
▶ Local vars
/usr/local/lib/python2.7/dist-packages/django/contrib/auth/hashers.py in must_update
        argon2 = self._load_library() ...
▶ Local vars
/usr/local/lib/python2.7/dist-packages/django/contrib/auth/hashers.py in _load_library
                                 (self.__class__.__name__, e)) ...
▶ Local vars

請幫忙，這個問題似乎相當具體，所以我無法找到太多關於它的信息......

Answer 1

根據文檔：

很簡單，我只需要在服務器上運行pip install django[argon2] ，相當於python -m pip install argon2-cffi 。

Answer 2

對我來說，似乎最新版本的 argon2-cffi (20.1.0) 解決了這個問題。 我之前使用的是 19.1.0。

pip uninstall argon2-cffi
pip install argon2-cffi==20.1.0

Answer 3

我遇到了同樣的問題，但是當我使用pip install django[argon2]遇到了以下錯誤：

no matches found: django[argon2]

但是，我找到了一個解決方案：

python -m pip install argon2_cffi
python -m pip install -U cffi pip setuptools

在 Python3 中：

python3 -m pip install argon2_cffi
python3 -m pip install -U cffi pip setuptools

---

_更詳細