web/forgejo
10
0
Fork 0
mirror of https://codeberg.org/forgejo/forgejo.git synced 2025-06-01 14:44:35 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 6

Whenever the password is updated ensure that the hash algorithm is too (#13966)

Browse source 
`user.HashPassword` may potentially - and in fact now likely does - change
the `passwd_hash_algo` therefore whenever the `passwd` is updated, this
also needs to be updated.

Fix #13832

Thanks @fblaese for the hint

Signed-off-by: Andrew Thornton <art27@cantab.net>
This commit is contained in:
zeripath 2020-12-12 18:59:49 +00:00 committed by GitHub
parent d07b8a75d7
commit 287b594803
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 4 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

2
cmd/admin.go
View file

@ -335,7 +335,7 @@ func runChangePassword(c *cli.Context) error {
}
user.HashPassword(c.String("password"))
if err := models.UpdateUserCols(user, "passwd", "salt"); err != nil {
if err := models.UpdateUserCols(user, "passwd", "passwd_hash_algo", "salt"); err != nil {
return err
}