diff options
Diffstat (limited to 'services/auth/source/db/authenticate.go')
| -rw-r--r-- | services/auth/source/db/authenticate.go | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/services/auth/source/db/authenticate.go b/services/auth/source/db/authenticate.go index e0e439c2fe..f062f66ae0 100644 --- a/services/auth/source/db/authenticate.go +++ b/services/auth/source/db/authenticate.go @@ -21,7 +21,9 @@ func Authenticate(user *user_model.User, login, password string) (*user_model.Us } // Update password hash if server password hash algorithm have changed - if user.PasswdHashAlgo != setting.PasswordHashAlgo { + // Or update the password when the salt length doesn't match the current + // recommended salt length, this in order to migrate user's salts to a more secure salt. + if user.PasswdHashAlgo != setting.PasswordHashAlgo || len(user.Salt) != user_model.SaltByteLength*2 { if err := user.SetPassword(password); err != nil { return nil, err } |