author | 6543 <6543@obermui.de> | 2021-01-10 19:05:18 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2021-01-10 20:05:18 +0200 |
commit | 74a0481586b7035bbe7a82f6e7e275cdd87d382a (patch) | |
tree | 1e0a0c40619529bcc2c32ceaf007fafc0f565dfd /models/user.go | |
parent | 6b3b6f1833d07383d24d68ec220a18315ac36809 (diff) | |
[Refactor] Passwort Hash/Set (#14282)
* move salt generation into HashPassword and rename it to what it does
* Migration: where the stored password is valid for the empty string, delete it
* prohibit empty password hash
* let SetPassword("") unset pwd stuff
Diffstat (limited to 'models/user.go')
-rw-r--r-- | models/user.go | 22 |
1 files changed, 17 insertions, 5 deletions
diff --git a/models/user.go b/models/user.go
index d3f1b16c2e..dbd2372fcf 100644
--- a/models/user.go
+++ b/models/user.go
@@ -395,10 +395,23 @@ func hashPassword(passwd, salt, algo string) string {
 return fmt.Sprintf("%x", tempPasswd)
 }
 
-// HashPassword hashes a password using the algorithm defined in the config value of PASSWORD_HASH_ALGO.
-func (u *User) HashPassword(passwd string) {
+// SetPassword hashes a password using the algorithm defined in the config value of PASSWORD_HASH_ALGO
+// change passwd, salt and passwd_hash_algo fields
+func (u *User) SetPassword(passwd string) (err error) {
+ if len(passwd) == 0 {
+ u.Passwd = ""
+ u.Salt = ""
+ u.PasswdHashAlgo = ""
+ return nil
+ }
+
+ if u.Salt, err = GetUserSalt(); err != nil {
+ return err
+ }
 u.PasswdHashAlgo = setting.PasswordHashAlgo
 u.Passwd = hashPassword(passwd, u.Salt, setting.PasswordHashAlgo)
+
+ return nil
 }
 
 // ValidatePassword checks if given password matches the one belongs to the user.
@@ -416,7 +429,7 @@ func (u *User) ValidatePassword(passwd string) bool {
 
 // IsPasswordSet checks if the password is set or left empty
 func (u *User) IsPasswordSet() bool {
- return !u.ValidatePassword("")
+ return len(u.Passwd) != 0
 }
 
 // IsOrganization returns true if user is actually a organization.
@@ -826,10 +839,9 @@ func CreateUser(u *User) (err error) {
 if u.Rands, err = GetUserSalt(); err != nil {
 return err
 }
- if u.Salt, err = GetUserSalt(); err != nil {
+ if err = u.SetPassword(u.Passwd); err != nil {
 return err
 }
- u.HashPassword(u.Passwd)
 u.AllowCreateOrganization = setting.Service.DefaultAllowCreateOrganization && !setting.Admin.DisableRegularOrgCreation
 u.EmailNotificationsPreference = setting.Admin.DefaultEmailNotification
 u.MaxRepoCreation = -1 |
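Review bot: SetPassword's doc comment does not say that an empty `passwd` clears `Passwd`, `Salt` and `PasswdHashAlgo` and returns nil, so a caller that forwards an unvalidated form value and then saves the user would drop the account's local credential without seeing any error. I would state the contract in the comment, e.g. `// An empty passwd clears the stored hash, salt and algorithm (no local password); callers must reject empty input themselves when a password is required.` The same applies to the `u.SetPassword(u.Passwd)` call in the CreateUser hunk, which now leaves the salt empty when `u.Passwd` is empty. Separately, `if u.Salt, err = GetUserSalt(); err != nil` overwrites `u.Salt` before the error is checked, so on failure the old hash stays paired with whatever GetUserSalt returned; going through a local (`salt, err := GetUserSalt()`, then `u.Salt = salt` after the check) keeps the struct consistent.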
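Review bot: `return len(u.Passwd) != 0` is correct only while no stored row holds the hash of an empty password, because such a row would now count as having a password set. The commit message mentions a migration that deletes those hashes, but it is not visible in this file's diff, so I would record the invariant in the doc comment, e.g. `// Relies on SetPassword("") clearing Passwd and on the migration removing legacy empty-password hashes.` A User value whose `Passwd` field was not loaded from the database would presumably also report no password here; that is an inference, since the loading code is outside the hunk.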