author | zeripath <art27@cantab.net> | 2020-12-12 18:59:49 +0000 |
---|---|---|
committer | GitHub <noreply@github.com> | 2020-12-12 19:59:49 +0100 |
commit | 287b594803105ba517680aa50be478648d434035 (patch) | |
tree | 87072d48637929757841c9b4d705041c13290503 | |
parent | d07b8a75d7072a9178358b720fb2da656130e5ff (diff) | |
Whenever the password is updated ensure that the hash algorithm is too (#13966)
`user.HashPassword` may potentially - and in fact now likely does - change
the `passwd_hash_algo`; therefore, whenever the `passwd` is updated,
`passwd_hash_algo` also needs to be updated.
Fix #13832
Thanks @fblaese for the hint
Signed-off-by: Andrew Thornton <art27@cantab.net>
-rw-r--r-- | cmd/admin.go | 2 | ||||
-rw-r--r-- | routers/user/auth.go | 4 | ||||
-rw-r--r-- | routers/user/setting/account.go | 2 |
3 files changed, 4 insertions, 4 deletions
diff --git a/cmd/admin.go b/cmd/admin.go
index 8989ec2ebd..6b8c26fc0c 100644
--- a/cmd/admin.go
+++ b/cmd/admin.go
@@ -335,7 +335,7 @@ func runChangePassword(c *cli.Context) error {
 }
 user.HashPassword(c.String("password"))
- if err := models.UpdateUserCols(user, "passwd", "salt"); err != nil {
+ if err := models.UpdateUserCols(user, "passwd", "passwd_hash_algo", "salt"); err != nil {
 return err
 }
diff --git a/routers/user/auth.go b/routers/user/auth.go
index 38e90cbef1..1e34099411 100644
--- a/routers/user/auth.go
+++ b/routers/user/auth.go
@@ -1514,7 +1514,7 @@ func ResetPasswdPost(ctx *context.Context) {
 }
 u.HashPassword(passwd)
 u.MustChangePassword = false
- if err := models.UpdateUserCols(u, "must_change_password", "passwd", "rands", "salt"); err != nil {
+ if err := models.UpdateUserCols(u, "must_change_password", "passwd", "passwd_hash_algo", "rands", "salt"); err != nil {
 ctx.ServerError("UpdateUser", err)
 return
 }
@@ -1590,7 +1590,7 @@ func MustChangePasswordPost(ctx *context.Context, cpt *captcha.Captcha, form aut
 u.HashPassword(form.Password)
 u.MustChangePassword = false
- if err := models.UpdateUserCols(u, "must_change_password", "passwd", "salt"); err != nil {
+ if err := models.UpdateUserCols(u, "must_change_password", "passwd", "passwd_hash_algo", "salt"); err != nil {
 ctx.ServerError("UpdateUser", err)
 return
 }
diff --git a/routers/user/setting/account.go b/routers/user/setting/account.go
index 9b72e2a31a..4fb2e4be40 100644
--- a/routers/user/setting/account.go
+++ b/routers/user/setting/account.go
@@ -68,7 +68,7 @@ func AccountPost(ctx *context.Context, form auth.ChangePasswordForm) {
 return
 }
 ctx.User.HashPassword(form.Password)
- if err := models.UpdateUserCols(ctx.User, "salt", "passwd_hash_algo", "passwd"); err != nil {
+ if err := models.UpdateUserCols(ctx.User, "salt", "passwd_hash_algo", "passwd"); err != nil {
 ctx.ServerError("UpdateUser", err)
 return
 }
 |
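Review bot: The column list passed to `models.UpdateUserCols` is still written out by hand after `HashPassword` in runChangePassword, and again in ResetPasswdPost, MustChangePasswordPost and AccountPost, so every call site has to track which fields `HashPassword` writes. That duplication is what allowed `passwd_hash_algo` to go unpersisted; a stored hash whose recorded algorithm is stale would presumably fail verification or be checked with the wrong scheme. I would add a comment above each call such as `// HashPassword may change passwd, passwd_hash_algo and salt; persist them together`, and consider keeping those column names in one shared list so a later change to `HashPassword` needs a single edit. The diffstat shows no test file, so a regression test that updates a password when the stored algorithm differs and then verifies the new password would pin the fix. All four function bodies start and end outside their hunks.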