Fix BetterReadOnlyPasswordHashWidget for django 6.0

Author: bgaudino

.github/workflows/ci.yml

@@ -87,7 +87,16 @@ jobs:
             python-version: "3.12"
           - django-version: "5.2"
             python-version: "3.13"
+          - django-version: "5.2"
+            python-version: "3.14"
 
+          # Django 6.0
+          - django-version: "6.0"
+            python-version: "3.12"
+          - django-version: "6.0"
+            python-version: "3.13"
+          - django-version: "6.0"
+            python-version: "3.14"
     steps:
     - uses: actions/checkout@v4
 

authtools/forms.py

@@ -31,12 +31,7 @@ class BetterReadOnlyPasswordHashWidget(ReadOnlyPasswordHashWidget):
     """
     A ReadOnlyPasswordHashWidget that has a less intimidating output.
     """
-
-    def get_context(self, name, value, attrs):
-        context = super().get_context(name, value, attrs)
-        if any(item.get('value') for item in context['summary']):
-            context['summary'] = [{'label': gettext('*************')}]
-        return context
+    template_name = 'authtools/widgets/better_read_only_password_hash.html'
 
 
 class UserChangeForm(DjangoUserChangeForm):

authtools/templates/authtools/widgets/better_read_only_password_hash.html

@@ -0,0 +1,5 @@
+{% load authtools %}
+<div{% include 'django/forms/widgets/attrs.html' %}>
+  {% render_better_read_only_password_hash widget.value %}
+  <p><a href="{{ password_url|default:"../password/" }}">{{ button_label }}</a></p>
+</div>

authtools/templatetags/authtools.py

@@ -0,0 +1,25 @@
+from django.contrib.auth.hashers import UNUSABLE_PASSWORD_PREFIX, identify_hasher
+from django.template import Library
+from django.utils.html import format_html
+from django.utils.translation import gettext
+
+register = Library()
+
+
+@register.simple_tag
+def render_better_read_only_password_hash(value):
+    if not value or value.startswith(UNUSABLE_PASSWORD_PREFIX):
+        return format_html("<p><strong>{}</strong></p>", gettext("No password set."))
+    try:
+        hasher = identify_hasher(value)
+        hasher.safe_summary(value)
+    except ValueError:
+        return format_html(
+            "<p><strong>{}</strong></p>",
+            gettext("Invalid password format or unknown hashing algorithm."),
+        )
+
+    return format_html(
+        "<p>{}</p>",
+        gettext("*************"),
+    )

tests/tests/tests.py

@@ -258,15 +258,7 @@ def test_better_readonly_password_widget(self):
         form = UserChangeForm(instance=user)
 
         self.assertIn(_('*************'), form.as_table())
-
-        version = django.VERSION[0]
-
-        if version < 4:
-            self.assertIn('<a href="../password/">', form.as_table())
-        elif version < 5:
-            self.assertIn('<a href="../../{0}/password/">'.format(user.id), form.as_table())
-        else:
-            self.assertIn('<a class="button" href="../password/">', form.as_table())
+        self.assertIn('<a href="../password/">', form.as_table())
 
 
 class UserAdminTest(TestCase):

tox.ini

@@ -3,8 +3,9 @@ envlist=
     py37-dj{22,30,32,32}
     py{38,39}-dj{22,30,31,32,40,41,42}
     py{10}-dj{32,40,41,42,50,51,52}
-    py{11,12}-dj{42,50,51,52}
-    py313-dj{51,52}
+    py{11,12}-dj{42,50,51,52,60}
+    py313-dj{51,52,60}
+    py314-dj60
 [testenv]
 python=
   py37: python3.7
@@ -14,6 +15,7 @@ python=
   py311: python3.11
   py312: python3.12
   py313: python3.13
+  py314: python3.14
 commands=
   /usr/bin/env
   make test
@@ -28,6 +30,7 @@ deps=
   dj50: Django>=5.0,<5.1
   dj51: Django>=5.1,<5.2
   dj52: Django>=5.2,<5.3
+  dj60: Django>=6.0,<6.1
 whitelist_externals=
   env
   make