nune/gitea
nune/gitea
0
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 1

Whenever the password is updated ensure that the hash algorithm is too (#13966) (#13967)

Browse source 
Backport #13966

`user.HashPassword` may potentially - and in fact now likely does - change
the `passwd_hash_algo` therefore whenever the `passwd` is updated, this
also needs to be updated.

Fix #13832

Thanks @fblaese for the hint

Signed-off-by: Andrew Thornton <art27@cantab.net>
This commit is contained in:
zeripath 2020-12-13 00:01:44 +00:00 committed by GitHub
parent 05ee88e576
commit 8e8e8ee150
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 4 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

2
cmd/admin.go
View file

@ -283,7 +283,7 @@ func runChangePassword(c *cli.Context) error {
}
user.HashPassword(c.String("password"))
if err := models.UpdateUserCols(user, "passwd", "salt"); err != nil {
if err := models.UpdateUserCols(user, "passwd", "passwd_hash_algo", "salt"); err != nil {
return err
}