Merge branch 'tests/authentication_plug' into 'develop'

author kaniini <ariadne@dereferenced.org>

Thu, 18 Jul 2019 20:29:51 +0000 (20:29 +0000)

committer kaniini <ariadne@dereferenced.org>

Thu, 18 Jul 2019 20:29:51 +0000 (20:29 +0000)
author kaniini <ariadne@dereferenced.org>
Thu, 18 Jul 2019 20:29:51 +0000 (20:29 +0000)
committer kaniini <ariadne@dereferenced.org>
Thu, 18 Jul 2019 20:29:51 +0000 (20:29 +0000)
diff --git a/lib/pleroma/plugs/authentication_plug.ex b/lib/pleroma/plugs/authentication_plug.ex

index eec5148927e32fd2fb8ad99c06881e9065b5e681..567674a0b1d5953804050429f9ccbe8a60395563 100644 (file)
--- a/lib/pleroma/plugs/authentication_plug.ex
+++ b/lib/pleroma/plugs/authentication_plug.ex
@@ -8,22 +8,19 @@ defmodule Pleroma.Plugs.AuthenticationPlug do
    alias Pleroma.User
    require Logger
  
-  def init(options) do
-    options
-  end
+  def init(options), do: options
  
-  def checkpw(password, password_hash) do
-    cond do
-      String.starts_with?(password_hash, "$pbkdf2") ->
-        Pbkdf2.checkpw(password, password_hash)
+  def checkpw(password, "$6" <> _ = password_hash) do
+    :crypt.crypt(password, password_hash) == password_hash
+  end
  
-      String.starts_with?(password_hash, "$6") ->
-        :crypt.crypt(password, password_hash) == password_hash
+  def checkpw(password, "$pbkdf2" <> _ = password_hash) do
+    Pbkdf2.checkpw(password, password_hash)
+  end
  
-      true ->
-        Logger.error("Password hash not recognized")
-        false
-    end
+  def checkpw(_password, _password_hash) do
+    Logger.error("Password hash not recognized")
+    false
    end
  
    def call(%{assigns: %{user: %User{}}} = conn, _), do: conn
diff --git a/test/plugs/authentication_plug_test.exs b/test/plugs/authentication_plug_test.exs

index 6158086ea212b421ba2d41d3a7fb6de19160942b..b55e746f8d8b82819b35bf23b9decee3d232e892 100644 (file)
--- a/test/plugs/authentication_plug_test.exs
+++ b/test/plugs/authentication_plug_test.exs
@@ -54,4 +54,29 @@ defmodule Pleroma.Plugs.AuthenticationPlugTest do
  
      assert conn == ret_conn
    end
+
+  describe "checkpw/2" do
+    test "check pbkdf2 hash" do
+      hash =
+        "$pbkdf2-sha512$160000$loXqbp8GYls43F0i6lEfIw$AY.Ep.2pGe57j2hAPY635sI/6w7l9Q9u9Bp02PkPmF3OrClDtJAI8bCiivPr53OKMF7ph6iHhN68Rom5nEfC2A"
+
+      assert AuthenticationPlug.checkpw("test-password", hash)
+      refute AuthenticationPlug.checkpw("test-password1", hash)
+    end
+
+    test "check sha512-crypt hash" do
+      hash =
+        "$6$9psBWV8gxkGOZWBz$PmfCycChoxeJ3GgGzwvhlgacb9mUoZ.KUXNCssekER4SJ7bOK53uXrHNb2e4i8yPFgSKyzaW9CcmrDXWIEMtD1"
+
+      assert AuthenticationPlug.checkpw("password", hash)
+      refute AuthenticationPlug.checkpw("password1", hash)
+    end
+
+    test "it returns false when hash invalid" do
+      hash =
+        "psBWV8gxkGOZWBz$PmfCycChoxeJ3GgGzwvhlgacb9mUoZ.KUXNCssekER4SJ7bOK53uXrHNb2e4i8yPFgSKyzaW9CcmrDXWIEMtD1"
+
+      refute Pleroma.Plugs.AuthenticationPlug.checkpw("password", hash)
+    end
+  end
  end
author	kaniini <ariadne@dereferenced.org>
	Thu, 18 Jul 2019 20:29:51 +0000 (20:29 +0000)
committer	kaniini <ariadne@dereferenced.org>
	Thu, 18 Jul 2019 20:29:51 +0000 (20:29 +0000)
lib/pleroma/plugs/authentication_plug.ex		patch \| blob \| history
test/plugs/authentication_plug_test.exs		patch \| blob \| history