mirror of
https://github.com/ENSL/ensl.org.git
synced 2024-12-26 12:30:48 +00:00
Allow manual password hash MD5 for testing
This commit is contained in:
parent
bfd866fa88
commit
2297e8c4d1
2 changed files with 13 additions and 4 deletions
|
@ -96,6 +96,7 @@ class UsersController < ApplicationController
|
|||
flash[:notice] = t(:accounts_locked)
|
||||
else
|
||||
flash[:notice] = "%s (%s)" % [t(:login_successful), u.password_hash_s]
|
||||
# FIXME: this doesn't work because model is saved before
|
||||
flash[:notice] << " \n%s" % I18n.t(:password_md5_scrypt) if u.password_hash_changed?
|
||||
save_session u
|
||||
end
|
||||
|
|
|
@ -54,6 +54,7 @@ class User < ActiveRecord::Base
|
|||
|
||||
attribute :lastvisit, :datetime, default: Time.now.utc
|
||||
attribute :password_hash, :integer, default: PASSWORD_SCRYPT
|
||||
attr_accessor :password_force
|
||||
|
||||
belongs_to :team, :optional => true
|
||||
has_one :profile, :dependent => :destroy
|
||||
|
@ -331,13 +332,20 @@ class User < ActiveRecord::Base
|
|||
# NOTE: function does not call save
|
||||
# Maybe it should return to not waste save?
|
||||
def update_password
|
||||
# Standard logic for saving password
|
||||
if raw_password and raw_password.length > 0
|
||||
self.password = SCrypt::Password.create(raw_password)
|
||||
# Allow old hash too
|
||||
if password_hash == User::PASSWORD_MD5 and password_force
|
||||
self.password = Digest::MD5.hexdigest(raw_password)
|
||||
else
|
||||
self.password_hash = User::PASSWORD_SCRYPT
|
||||
elsif password_hash == User::PASSWORD_MD5
|
||||
self.password = SCrypt::Password.create(raw_password)
|
||||
end
|
||||
# Update MD5 to MD5+Scrypt
|
||||
elsif password_hash == User::PASSWORD_MD5 and !password_force
|
||||
# Scrypt(Md5(passsword))
|
||||
self.password = SCrypt::Password.create(password)
|
||||
self.password_hash = User::PASSWORD_MD5_SCRYPT
|
||||
self.password = SCrypt::Password.create(password)
|
||||
end
|
||||
end
|
||||
|
||||
|
|
Loading…
Reference in a new issue