aboutsummaryrefslogtreecommitdiffstats
path: root/routers/user
diff options
context:
space:
mode:
authorDenis Denisov <denji@users.noreply.github.com>2016-12-20 14:32:02 +0200
committerThomas Boerger <thomas@webhippie.de>2016-12-20 13:32:02 +0100
commit380e32e129d7a8868b9853e92e208a97e3ac125f (patch)
tree3b7ffc74a7f28f9c165ee4a780e52053d9f749fd /routers/user
parent952587dbae987e05fb36f0ff56bf5eff92ae1080 (diff)
downloadgitea-380e32e129d7a8868b9853e92e208a97e3ac125f.tar.gz
gitea-380e32e129d7a8868b9853e92e208a97e3ac125f.zip
Fix random string generator (#384)
* Remove unused custom-alphabet feature of random string generator Fix random string generator Random string generator should return error if it fails to read random data via crypto/rand * Fixes variable (un)initialization mixed assign Update test GetRandomString
Diffstat (limited to 'routers/user')
-rw-r--r--routers/user/auth.go17
-rw-r--r--routers/user/setting.go6
2 files changed, 19 insertions, 4 deletions
diff --git a/routers/user/auth.go b/routers/user/auth.go
index eecb5e051f..bb14ad5a5f 100644
--- a/routers/user/auth.go
+++ b/routers/user/auth.go
@@ -289,7 +289,11 @@ func Activate(ctx *context.Context) {
// Verify code.
if user := models.VerifyUserActiveCode(code); user != nil {
user.IsActive = true
- user.Rands = models.GetUserSalt()
+ var err error
+ if user.Rands, err = models.GetUserSalt(); err != nil {
+ ctx.Handle(500, "UpdateUser", err)
+ return
+ }
if err := models.UpdateUser(user); err != nil {
if models.IsErrUserNotExist(err) {
ctx.Error(404)
@@ -428,8 +432,15 @@ func ResetPasswdPost(ctx *context.Context) {
}
u.Passwd = passwd
- u.Rands = models.GetUserSalt()
- u.Salt = models.GetUserSalt()
+ var err error
+ if u.Rands, err = models.GetUserSalt(); err != nil {
+ ctx.Handle(500, "UpdateUser", err)
+ return
+ }
+ if u.Salt, err = models.GetUserSalt(); err != nil {
+ ctx.Handle(500, "UpdateUser", err)
+ return
+ }
u.EncodePasswd()
if err := models.UpdateUser(u); err != nil {
ctx.Handle(500, "UpdateUser", err)
diff --git a/routers/user/setting.go b/routers/user/setting.go
index bbb4d99c02..e078f8c17a 100644
--- a/routers/user/setting.go
+++ b/routers/user/setting.go
@@ -197,7 +197,11 @@ func SettingsPasswordPost(ctx *context.Context, form auth.ChangePasswordForm) {
ctx.Flash.Error(ctx.Tr("form.password_not_match"))
} else {
ctx.User.Passwd = form.Password
- ctx.User.Salt = models.GetUserSalt()
+ var err error
+ if ctx.User.Salt, err = models.GetUserSalt(); err != nil {
+ ctx.Handle(500, "UpdateUser", err)
+ return
+ }
ctx.User.EncodePasswd()
if err := models.UpdateUser(ctx.User); err != nil {
ctx.Handle(500, "UpdateUser", err)