[Refactor] Passwort Hash/Set (#14282)

* move SaltGeneration into HashPassword and rename it to what it does

* Migration: Where Password is Valid with Empty String delete it

* prohibit empty password hash

* let SetPassword("") unset pwd stuff
6543 2021-01-10 19:05:18 +01:00 committed by GitHub
parent 6b3b6f1833
commit 74a0481586
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
10 changed files with 158 additions and 32 deletions


@ -267,7 +267,10 @@ func EditUserPost(ctx *context.Context, form auth.AdminEditUserForm) {
ctx.ServerError("UpdateUser", err)
return
}
u.HashPassword(form.Password)
if err = u.SetPassword(form.Password); err != nil {
ctx.InternalServerError(err)
return
}
}
if len(form.UserName) != 0 && u.Name != form.UserName {
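Review bot: The new `u.SetPassword(form.Password)` call is only safe if `form.Password` is known to be non-empty at this point, because the commit description says `SetPassword("")` now unsets the password data instead of hashing. The condition that encloses this block is outside the hunk, so that guarantee cannot be checked here; a comment above the call such as `// form.Password is non-empty here: SetPassword("") would clear the stored password` would keep the precondition visible to later edits. The same applies to the `SetPassword` call in the API `EditUser` section that follows. `EditUserPost` starts before and continues after the hunk.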


@ -174,7 +174,10 @@ func EditUser(ctx *context.APIContext, form api.EditUserOption) {
ctx.Error(http.StatusInternalServerError, "UpdateUser", err)
return
}
u.HashPassword(form.Password)
if err = u.SetPassword(form.Password); err != nil {
ctx.InternalServerError(err)
return
}
}
if form.MustChangePassword != nil {
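Review bot: The added error branch reports through `ctx.InternalServerError(err)` while the branch directly above it in the same block uses `ctx.Error(http.StatusInternalServerError, "UpdateUser", err)`, so one handler now has two ways of reporting a server-side failure. Unless the different helper is intended, `ctx.Error(http.StatusInternalServerError, "SetPassword", err)` would match the surrounding code and name the step that failed. `EditUserPost` in the previous section mixes `ctx.ServerError("UpdateUser", err)` and `ctx.InternalServerError(err)` in the same way. `EditUser` extends beyond the hunk on both sides.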


@ -1517,11 +1517,10 @@ func ResetPasswdPost(ctx *context.Context) {
ctx.ServerError("UpdateUser", err)
return
}
if u.Salt, err = models.GetUserSalt(); err != nil {
if err = u.SetPassword(passwd); err != nil {
ctx.ServerError("UpdateUser", err)
return
}
u.HashPassword(passwd)
u.MustChangePassword = false
if err := models.UpdateUserCols(u, "must_change_password", "passwd", "passwd_hash_algo", "rands", "salt"); err != nil {
ctx.ServerError("UpdateUser", err)
@ -1591,12 +1590,11 @@ func MustChangePasswordPost(ctx *context.Context, cpt *captcha.Captcha, form aut
}
var err error
if u.Salt, err = models.GetUserSalt(); err != nil {
if err = u.SetPassword(form.Password); err != nil {
ctx.ServerError("UpdateUser", err)
return
}
u.HashPassword(form.Password)
u.MustChangePassword = false
if err := models.UpdateUserCols(u, "must_change_password", "passwd", "passwd_hash_algo", "salt"); err != nil {
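Review bot: A failing `u.SetPassword(passwd)` in `ResetPasswdPost` is reported as `ctx.ServerError("UpdateUser", err)`, the same label the `models.UpdateUserCols` failure a few lines later uses, so the logs cannot tell a hashing or salt-generation error from a database write error. `ctx.ServerError("SetPassword", err)` would separate the two. The `MustChangePasswordPost` hunk in this section and the `AccountPost` section that follows reuse the label the same way. Both functions begin and end outside their hunks.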


@ -63,11 +63,10 @@ func AccountPost(ctx *context.Context, form auth.ChangePasswordForm) {
ctx.Flash.Error(errMsg)
} else {
var err error
if ctx.User.Salt, err = models.GetUserSalt(); err != nil {
if err = ctx.User.SetPassword(form.Password); err != nil {
ctx.ServerError("UpdateUser", err)
return
}
ctx.User.HashPassword(form.Password)
if err := models.UpdateUserCols(ctx.User, "salt", "passwd_hash_algo", "passwd"); err != nil {
ctx.ServerError("UpdateUser", err)
return
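Review bot: The column list in `models.UpdateUserCols(ctx.User, "salt", "passwd_hash_algo", "passwd")` is maintained by hand, and nothing next to it says that it must cover every field `SetPassword` changes. With salt generation moved into the password-setting path (per the commit description), leaving `salt` out of such a list would presumably store a hash whose salt was never persisted, and the account could no longer authenticate. A comment above the call, for example `// SetPassword rewrites salt, passwd_hash_algo and passwd; all of them must be listed here`, would document the coupling; `ResetPasswdPost` and `MustChangePasswordPost` carry their own copies of the list. `AccountPost` continues outside the hunk.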