From 8d9d6aa903baf3662fa31bceb489291564a873d1 Mon Sep 17 00:00:00 2001
From: EpicCoder <EpicCoder@users.noreply.github.com>
Date: Sun, 7 Jul 2019 08:01:01 +0200
Subject: Add additional password hash algorithms (closes #5859) (#6023)

---
 models/login_source.go | 10 ++++++++++
 1 file changed, 10 insertions(+)

(limited to 'models/login_source.go')

diff --git a/models/login_source.go b/models/login_source.go
index 626c232772..26544588c1 100644
--- a/models/login_source.go
+++ b/models/login_source.go
@@ -22,6 +22,7 @@ import (
 	"code.gitea.io/gitea/modules/auth/oauth2"
 	"code.gitea.io/gitea/modules/auth/pam"
 	"code.gitea.io/gitea/modules/log"
+	"code.gitea.io/gitea/modules/setting"
 	"code.gitea.io/gitea/modules/util"
 )
 
@@ -665,6 +666,15 @@ func UserSignIn(username, password string) (*User, error) {
 		switch user.LoginType {
 		case LoginNoType, LoginPlain, LoginOAuth2:
 			if user.IsPasswordSet() && user.ValidatePassword(password) {
+
+				// Update password hash if server password hash algorithm have changed
+				if user.PasswdHashAlgo != setting.PasswordHashAlgo {
+					user.HashPassword(password)
+					if err := UpdateUserCols(user, "passwd", "passwd_hash_algo"); err != nil {
+						return nil, err
+					}
+				}
+
 				// WARN: DON'T check user.IsActive, that will be checked on reqSign so that
 				// user could be hint to resend confirm email.
 				if user.ProhibitLogin {
-- 
cgit v1.2.3