trabajo-afectivo/lib/auth/backend/internal.rb

48 lines
1.3 KiB
Ruby
Raw Normal View History

2022-01-01 13:38:12 +00:00
# Copyright (C) 2012-2022 Zammad Foundation, https://zammad-foundation.org/
class Auth
class Backend
class Internal < Auth::Backend::Base
private
# Validation against the internal database.
#
# @returns [Boolean] true if the validation works, otherwise false.
def authenticated?
return true if hash_matches?
auth.increase_login_failed_attempts = true
false
end
# Overwrites the default behaviour to only perform this authentication if an internal password exists.
#
# @returns [Boolean] true if a internal password for the user is present.
def perform?
return false if !user.verified && user.source == 'signup'
user.password.present?
end
def hash_matches?
# makes sure that very long strings supplied as password
# rejected early and not even tried to match to password
if !PasswordPolicy::MaxLength.valid? password
return false
end
# Because of legacy reason a special check exists and afterwards the
# password will be saved in the current format.
if PasswordHash.legacy?(user.password, password)
user.update!(password: password)
return true
end
PasswordHash.verified?(user.password, password)
end
end
end
end