Backport #13966 `user.HashPassword` may potentially - and in fact now likely does - change the `passwd_hash_algo` therefore whenever the `passwd` is updated, this also needs to be updated. Fix #13832 Thanks @fblaese for the hint Signed-off-by: Andrew Thornton <art27@cantab.net>
This commit is contained in:
parent
05ee88e576
commit
8e8e8ee150
3 changed files with 4 additions and 4 deletions
|
@ -283,7 +283,7 @@ func runChangePassword(c *cli.Context) error {
|
||||||
}
|
}
|
||||||
user.HashPassword(c.String("password"))
|
user.HashPassword(c.String("password"))
|
||||||
|
|
||||||
if err := models.UpdateUserCols(user, "passwd", "salt"); err != nil {
|
if err := models.UpdateUserCols(user, "passwd", "passwd_hash_algo", "salt"); err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -1496,7 +1496,7 @@ func ResetPasswdPost(ctx *context.Context) {
|
||||||
}
|
}
|
||||||
u.HashPassword(passwd)
|
u.HashPassword(passwd)
|
||||||
u.MustChangePassword = false
|
u.MustChangePassword = false
|
||||||
if err := models.UpdateUserCols(u, "must_change_password", "passwd", "rands", "salt"); err != nil {
|
if err := models.UpdateUserCols(u, "must_change_password", "passwd", "passwd_hash_algo", "rands", "salt"); err != nil {
|
||||||
ctx.ServerError("UpdateUser", err)
|
ctx.ServerError("UpdateUser", err)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
@ -1572,7 +1572,7 @@ func MustChangePasswordPost(ctx *context.Context, cpt *captcha.Captcha, form aut
|
||||||
u.HashPassword(form.Password)
|
u.HashPassword(form.Password)
|
||||||
u.MustChangePassword = false
|
u.MustChangePassword = false
|
||||||
|
|
||||||
if err := models.UpdateUserCols(u, "must_change_password", "passwd", "salt"); err != nil {
|
if err := models.UpdateUserCols(u, "must_change_password", "passwd", "passwd_hash_algo", "salt"); err != nil {
|
||||||
ctx.ServerError("UpdateUser", err)
|
ctx.ServerError("UpdateUser", err)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
|
@ -68,7 +68,7 @@ func AccountPost(ctx *context.Context, form auth.ChangePasswordForm) {
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
ctx.User.HashPassword(form.Password)
|
ctx.User.HashPassword(form.Password)
|
||||||
if err := models.UpdateUserCols(ctx.User, "salt", "passwd"); err != nil {
|
if err := models.UpdateUserCols(ctx.User, "salt", "passwd_hash_algo", "passwd"); err != nil {
|
||||||
ctx.ServerError("UpdateUser", err)
|
ctx.ServerError("UpdateUser", err)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
Reference in a new issue