`user.HashPassword` may potentially - and in fact now likely does - change the `passwd_hash_algo` therefore whenever the `passwd` is updated, this also needs to be updated. Fix #13832 Thanks @fblaese for the hint Signed-off-by: Andrew Thornton <art27@cantab.net>tags/v1.15.0-dev
@@ -335,7 +335,7 @@ func runChangePassword(c *cli.Context) error { | |||
} | |||
user.HashPassword(c.String("password")) | |||
if err := models.UpdateUserCols(user, "passwd", "salt"); err != nil { | |||
if err := models.UpdateUserCols(user, "passwd", "passwd_hash_algo", "salt"); err != nil { | |||
return err | |||
} | |||
@@ -1514,7 +1514,7 @@ func ResetPasswdPost(ctx *context.Context) { | |||
} | |||
u.HashPassword(passwd) | |||
u.MustChangePassword = false | |||
if err := models.UpdateUserCols(u, "must_change_password", "passwd", "rands", "salt"); err != nil { | |||
if err := models.UpdateUserCols(u, "must_change_password", "passwd", "passwd_hash_algo", "rands", "salt"); err != nil { | |||
ctx.ServerError("UpdateUser", err) | |||
return | |||
} | |||
@@ -1590,7 +1590,7 @@ func MustChangePasswordPost(ctx *context.Context, cpt *captcha.Captcha, form aut | |||
u.HashPassword(form.Password) | |||
u.MustChangePassword = false | |||
if err := models.UpdateUserCols(u, "must_change_password", "passwd", "salt"); err != nil { | |||
if err := models.UpdateUserCols(u, "must_change_password", "passwd", "passwd_hash_algo", "salt"); err != nil { | |||
ctx.ServerError("UpdateUser", err) | |||
return | |||
} |
@@ -68,7 +68,7 @@ func AccountPost(ctx *context.Context, form auth.ChangePasswordForm) { | |||
return | |||
} | |||
ctx.User.HashPassword(form.Password) | |||
if err := models.UpdateUserCols(ctx.User, "salt", "passwd"); err != nil { | |||
if err := models.UpdateUserCols(ctx.User, "salt", "passwd_hash_algo", "passwd"); err != nil { | |||
ctx.ServerError("UpdateUser", err) | |||
return | |||
} |