forked from lix-project/hydra
Users: password changes via the web UI now use Argon2
Co-authored-by: Graham Christensen <graham@grahamc.com>
This commit is contained in:
parent
1da70030b7
commit
beb5be4302
|
@ -229,12 +229,6 @@ sub isValidPassword {
|
|||
}
|
||||
|
||||
|
||||
sub setPassword {
|
||||
my ($user, $password) = @_;
|
||||
$user->update({ password => sha1_hex($password) });
|
||||
}
|
||||
|
||||
|
||||
sub register :Local Args(0) {
|
||||
my ($self, $c) = @_;
|
||||
|
||||
|
@ -294,7 +288,7 @@ sub updatePreferences {
|
|||
error($c, "The passwords you specified did not match.")
|
||||
if $password ne trim $c->stash->{params}->{password2};
|
||||
|
||||
setPassword($user, $password);
|
||||
$user->setPassword($password);
|
||||
}
|
||||
|
||||
my $emailAddress = trim($c->stash->{params}->{emailaddress} // "");
|
||||
|
@ -394,7 +388,7 @@ sub reset_password :Chained('user') :PathPart('reset-password') :Args(0) {
|
|||
unless $user->emailaddress;
|
||||
|
||||
my $password = Crypt::RandPasswd->word(8,10);
|
||||
setPassword($user, $password);
|
||||
$user->setPassword($password);
|
||||
sendEmail(
|
||||
$c->config,
|
||||
$user->emailaddress,
|
||||
|
|
|
@ -214,9 +214,7 @@ sub json_hint {
|
|||
return \%hint;
|
||||
}
|
||||
|
||||
sub check_password {
|
||||
my ($self, $password) = @_;
|
||||
|
||||
sub _authenticator() {
|
||||
my $authenticator = Crypt::Passphrase->new(
|
||||
encoder => 'Argon2',
|
||||
validators => [
|
||||
|
@ -228,11 +226,16 @@ sub check_password {
|
|||
],
|
||||
);
|
||||
|
||||
return $authenticator;
|
||||
}
|
||||
|
||||
sub check_password {
|
||||
my ($self, $password) = @_;
|
||||
|
||||
my $authenticator = _authenticator();
|
||||
if ($authenticator->verify_password($password, $self->password)) {
|
||||
if ($authenticator->needs_rehash($self->password)) {
|
||||
$self->update({
|
||||
"password" => $authenticator->hash_password($password),
|
||||
});
|
||||
$self->setPassword($password);
|
||||
}
|
||||
|
||||
return 1;
|
||||
|
@ -241,4 +244,12 @@ sub check_password {
|
|||
}
|
||||
}
|
||||
|
||||
sub setPassword {
|
||||
my ($self, $password) = @_;;
|
||||
|
||||
$self->update({
|
||||
"password" => _authenticator()->hash_password($password),
|
||||
});
|
||||
}
|
||||
|
||||
1;
|
||||
|
|
Loading…
Reference in a new issue