projects / akkoma / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: baef35b)
AuthenticationPlug: Also update crypt passwords.
authorlain <lain@soykaf.club>
Sun, 17 May 2020 09:40:25 +0000 (11:40 +0200)
committerlain <lain@soykaf.club>
Sun, 17 May 2020 09:40:25 +0000 (11:40 +0200)
lib/pleroma/plugs/authentication_plug.ex patch | blob | history
test/plugs/authentication_plug_test.exs patch | blob | history

diff --git a/lib/pleroma/plugs/authentication_plug.ex b/lib/pleroma/plugs/authentication_plug.ex
index 7d7da61258f8265b745f1475999d47ce8a82af4a..057ea42f152f5e098a05708ff5d3b8b3571a576f 100644 (file)
--- a/lib/pleroma/plugs/authentication_plug.ex
+++ b/lib/pleroma/plugs/authentication_plug.ex
@@ -31,6 +31,16 @@ defmodule Pleroma.Plugs.AuthenticationPlug do
   end
 
   def maybe_update_password(%User{password_hash: "$2" <> _} = user, password) do
+    do_update_password(user, password)
+  end
+
+  def maybe_update_password(%User{password_hash: "$6" <> _} = user, password) do
+    do_update_password(user, password)
+  end
+
+  def maybe_update_password(user, _), do: {:ok, user}
+
+  defp do_update_password(user, password) do
     user
     |> User.password_update_changeset(%{
       "password" => password,
@@ -39,8 +49,6 @@ defmodule Pleroma.Plugs.AuthenticationPlug do
     |> Pleroma.Repo.update()
   end
 
-  def maybe_update_password(user, _), do: {:ok, user}
-
   def call(%{assigns: %{user: %User{}}} = conn, _), do: conn
 
   def call(
diff --git a/test/plugs/authentication_plug_test.exs b/test/plugs/authentication_plug_test.exs
index 2c793b29ad540bec095625782dd6f38c45d84727..3c70c1747e65b4f6f288bde42336505a8db18ec9 100644 (file)
--- a/test/plugs/authentication_plug_test.exs
+++ b/test/plugs/authentication_plug_test.exs
@@ -68,6 +68,26 @@ defmodule Pleroma.Plugs.AuthenticationPlugTest do
     assert "$pbkdf2" <> _ = user.password_hash
   end
 
+  test "with a crypt hash, it updates to a pkbdf2 hash", %{conn: conn} do
+    user =
+      insert(:user,
+        password_hash:
+          "$6$9psBWV8gxkGOZWBz$PmfCycChoxeJ3GgGzwvhlgacb9mUoZ.KUXNCssekER4SJ7bOK53uXrHNb2e4i8yPFgSKyzaW9CcmrDXWIEMtD1"
+      )
+
+    conn =
+      conn
+      |> assign(:auth_user, user)
+      |> assign(:auth_credentials, %{password: "password"})
+      |> AuthenticationPlug.call(%{})
+
+    assert conn.assigns.user.id == conn.assigns.auth_user.id
+    assert PlugHelper.plug_skipped?(conn, OAuthScopesPlug)
+
+    user = User.get_by_id(user.id)
+    assert "$pbkdf2" <> _ = user.password_hash
+  end
+
   describe "checkpw/2" do
     test "check pbkdf2 hash" do
       hash =
Fork of https://akkoma.dev/AkkomaGang/akkoma.git