ahuston-0/hydra
1
0
Fork 0
Code Issues Pull Requests 1 Packages Projects Releases Wiki Activity

Users: password changes via the web UI now use Argon2

Browse Source 
Co-authored-by: Graham Christensen <graham@grahamc.com>
This commit is contained in:
Graham Christensen
2021-04-15 10:56:12 -04:00
committed by Graham Christensen
parent 1da70030b7
commit beb5be4302
2 changed files with 19 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
src/lib/Hydra/Controller/User.pm
View File

@ -229,12 +229,6 @@ sub isValidPassword {
}
sub setPassword {
my ($user, $password) = @_;
$user->update({ password => sha1_hex($password) });
}
sub register :Local Args(0) {
my ($self, $c) = @_;
@ -294,7 +288,7 @@ sub updatePreferences {
error($c, "The passwords you specified did not match.")
if $password ne trim $c->stash->{params}->{password2};
setPassword($user, $password);
$user->setPassword($password);
}
my $emailAddress = trim($c->stash->{params}->{emailaddress} // "");
@ -394,7 +388,7 @@ sub reset_password :Chained('user') :PathPart('reset-password') :Args(0) {
unless $user->emailaddress;
my $password = Crypt::RandPasswd->word(8,10);
setPassword($user, $password);
$user->setPassword($password);
sendEmail(
$c->config,
$user->emailaddress,