Use argon as default password hash algorithm (#12688)
* Restrict TLS connections to 1.2 minimum * Set Argon2 as the default KDF * Fix user.yml * Remove TLS minversion changes Signed-off-by: Andrew Thornton <art27@cantab.net> * Add migration as per @techknowlogick Signed-off-by: Andrew Thornton <art27@cantab.net> * set the password algo in the fixtures Signed-off-by: Andrew Thornton <art27@cantab.net> * Remove the v148 migration - it needs recreate table to change the defaults Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: Nadim Kobeissi <nadim@symbolic.software>
This commit is contained in:
zeripath
GitHub
parent
8fa7a4b511
commit
5c0697ad1e
6 changed files with 64 additions and 35 deletions
|
|
@ -508,8 +508,8 @@ ONLY_ALLOW_PUSH_IF_GITEA_ENVIRONMENT_SET = true
|
|||
;If left empty or no valid values are specified, the default is off (no checking)
|
||||
;Classes include "lower,upper,digit,spec"
|
||||
PASSWORD_COMPLEXITY = off
|
||||
; Password Hash algorithm, either "pbkdf2", "argon2", "scrypt" or "bcrypt"
|
||||
PASSWORD_HASH_ALGO = pbkdf2
|
||||
; Password Hash algorithm, either "argon2", "pbkdf2", "scrypt" or "bcrypt"
|
||||
PASSWORD_HASH_ALGO = argon2
|
||||
; Set false to allow JavaScript to read CSRF cookie
|
||||
CSRF_COOKIE_HTTP_ONLY = true
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue