mirror of
1
Fork 0

Whenever the password is updated ensure that the hash algorithm is too (#13966)

`user.HashPassword` may potentially - and in fact now likely does - change
the `passwd_hash_algo` therefore whenever the `passwd` is updated, this
also needs to be updated.

Fix #13832

Thanks @fblaese for the hint

Signed-off-by: Andrew Thornton <art27@cantab.net>
This commit is contained in:
zeripath 2020-12-12 18:59:49 +00:00 committed by GitHub
parent d07b8a75d7
commit 287b594803
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 4 additions and 4 deletions

View File

@ -335,7 +335,7 @@ func runChangePassword(c *cli.Context) error {
} }
user.HashPassword(c.String("password")) user.HashPassword(c.String("password"))
if err := models.UpdateUserCols(user, "passwd", "salt"); err != nil { if err := models.UpdateUserCols(user, "passwd", "passwd_hash_algo", "salt"); err != nil {
return err return err
} }

View File

@ -1514,7 +1514,7 @@ func ResetPasswdPost(ctx *context.Context) {
} }
u.HashPassword(passwd) u.HashPassword(passwd)
u.MustChangePassword = false u.MustChangePassword = false
if err := models.UpdateUserCols(u, "must_change_password", "passwd", "rands", "salt"); err != nil { if err := models.UpdateUserCols(u, "must_change_password", "passwd", "passwd_hash_algo", "rands", "salt"); err != nil {
ctx.ServerError("UpdateUser", err) ctx.ServerError("UpdateUser", err)
return return
} }
@ -1590,7 +1590,7 @@ func MustChangePasswordPost(ctx *context.Context, cpt *captcha.Captcha, form aut
u.HashPassword(form.Password) u.HashPassword(form.Password)
u.MustChangePassword = false u.MustChangePassword = false
if err := models.UpdateUserCols(u, "must_change_password", "passwd", "salt"); err != nil { if err := models.UpdateUserCols(u, "must_change_password", "passwd", "passwd_hash_algo", "salt"); err != nil {
ctx.ServerError("UpdateUser", err) ctx.ServerError("UpdateUser", err)
return return
} }

View File

@ -68,7 +68,7 @@ func AccountPost(ctx *context.Context, form auth.ChangePasswordForm) {
return return
} }
ctx.User.HashPassword(form.Password) ctx.User.HashPassword(form.Password)
if err := models.UpdateUserCols(ctx.User, "salt", "passwd"); err != nil { if err := models.UpdateUserCols(ctx.User, "salt", "passwd_hash_algo", "passwd"); err != nil {
ctx.ServerError("UpdateUser", err) ctx.ServerError("UpdateUser", err)
return return
} }