[Refactor] Passwort Hash/Set (#14282)

* move SaltGeneration into HashPasswort and rename it to what it does * Migration: Where Password is Valid with Empty String delete it * prohibit empty password hash * let SetPassword("") unset pwd stuff
2021-01-10 19:05:18 +01:00 · 2021-01-10 19:05:18 +01:00 · 74a0481586
commit 74a0481586
parent 6b3b6f1833
10 changed files with 158 additions and 32 deletions
--- a/models/login_source.go
+++ b/models/login_source.go
@ -771,8 +771,10 @@ func UserSignIn(username, password string) (*User, error) {

 				// Update password hash if server password hash algorithm have changed
 				if user.PasswdHashAlgo != setting.PasswordHashAlgo {
-					user.HashPassword(password)
-					if err := UpdateUserCols(user, "passwd", "passwd_hash_algo"); err != nil {
+					if err = user.SetPassword(password); err != nil {
+						return nil, err
+					}
+					if err = UpdateUserCols(user, "passwd", "passwd_hash_algo", "salt"); err != nil {
 						return nil, err
 					}
 				}