diff options
| author | 6543 <6543@obermui.de> | 2021-01-10 19:05:18 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2021-01-10 20:05:18 +0200 |
| commit | 74a0481586b7035bbe7a82f6e7e275cdd87d382a (patch) | |
| tree | 1e0a0c40619529bcc2c32ceaf007fafc0f565dfd /routers/user | |
| parent | 6b3b6f1833d07383d24d68ec220a18315ac36809 (diff) | |
| download | gitea-74a0481586b7035bbe7a82f6e7e275cdd87d382a.tar.gz gitea-74a0481586b7035bbe7a82f6e7e275cdd87d382a.zip | |
[Refactor] Passwort Hash/Set (#14282)
* move SaltGeneration into HashPasswort and rename it to what it does
* Migration: Where Password is Valid with Empty String delete it
* prohibit empty password hash
* let SetPassword("") unset pwd stuff
Diffstat (limited to 'routers/user')
| -rw-r--r-- | routers/user/auth.go | 6 | ||||
| -rw-r--r-- | routers/user/setting/account.go | 3 |
2 files changed, 3 insertions, 6 deletions
diff --git a/routers/user/auth.go b/routers/user/auth.go index 540a0d2f1a..bce801847d 100644 --- a/routers/user/auth.go +++ b/routers/user/auth.go @@ -1517,11 +1517,10 @@ func ResetPasswdPost(ctx *context.Context) { ctx.ServerError("UpdateUser", err) return } - if u.Salt, err = models.GetUserSalt(); err != nil { + if err = u.SetPassword(passwd); err != nil { ctx.ServerError("UpdateUser", err) return } - u.HashPassword(passwd) u.MustChangePassword = false if err := models.UpdateUserCols(u, "must_change_password", "passwd", "passwd_hash_algo", "rands", "salt"); err != nil { ctx.ServerError("UpdateUser", err) @@ -1591,12 +1590,11 @@ func MustChangePasswordPost(ctx *context.Context, cpt *captcha.Captcha, form aut } var err error - if u.Salt, err = models.GetUserSalt(); err != nil { + if err = u.SetPassword(form.Password); err != nil { ctx.ServerError("UpdateUser", err) return } - u.HashPassword(form.Password) u.MustChangePassword = false if err := models.UpdateUserCols(u, "must_change_password", "passwd", "passwd_hash_algo", "salt"); err != nil { diff --git a/routers/user/setting/account.go b/routers/user/setting/account.go index 4fb2e4be40..ca9b5b3c32 100644 --- a/routers/user/setting/account.go +++ b/routers/user/setting/account.go @@ -63,11 +63,10 @@ func AccountPost(ctx *context.Context, form auth.ChangePasswordForm) { ctx.Flash.Error(errMsg) } else { var err error - if ctx.User.Salt, err = models.GetUserSalt(); err != nil { + if err = ctx.User.SetPassword(form.Password); err != nil { ctx.ServerError("UpdateUser", err) return } - ctx.User.HashPassword(form.Password) if err := models.UpdateUserCols(ctx.User, "salt", "passwd_hash_algo", "passwd"); err != nil { ctx.ServerError("UpdateUser", err) return |