forked from lix-project/hydra
hydra-create-user: Warn that creating users with a plaintext password is deprecated
This commit is contained in:
parent
98928a4125
commit
0eeced7f08
|
@ -138,6 +138,8 @@ $db->txn_do(sub {
|
||||||
$user->update({ emailaddress => $emailAddress }) if defined $emailAddress;
|
$user->update({ emailaddress => $emailAddress }) if defined $emailAddress;
|
||||||
|
|
||||||
if (defined $password) {
|
if (defined $password) {
|
||||||
|
# !!! TODO: Remove support for plaintext passwords in 2023.
|
||||||
|
print STDERR "Submitting plaintext passwords as arguments is deprecated and will be removed. See --help for alternatives.\n";
|
||||||
$user->setPassword($password);
|
$user->setPassword($password);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -10,6 +10,7 @@ subtest "Handling password and password hash creation" => sub {
|
||||||
subtest "Creating a user with a plain text password (insecure) stores the password securely" => sub {
|
subtest "Creating a user with a plain text password (insecure) stores the password securely" => sub {
|
||||||
my ($res, $stdout, $stderr) = captureStdoutStderr(5, ("hydra-create-user", "plain-text-user", "--password", "foobar"));
|
my ($res, $stdout, $stderr) = captureStdoutStderr(5, ("hydra-create-user", "plain-text-user", "--password", "foobar"));
|
||||||
is($res, 0, "hydra-create-user should exit zero");
|
is($res, 0, "hydra-create-user should exit zero");
|
||||||
|
like($stderr, qr/Submitting plaintext passwords as arguments is deprecated and will be removed/, "Submitting a plain text password is deprecated.");
|
||||||
|
|
||||||
my $user = $db->resultset('Users')->find({ username => "plain-text-user" });
|
my $user = $db->resultset('Users')->find({ username => "plain-text-user" });
|
||||||
isnt($user, undef, "The user exists");
|
isnt($user, undef, "The user exists");
|
||||||
|
|
Loading…
Reference in a new issue