authorlain <lain@soykaf.club>2020-05-17 11:40:25 +0200
committerlain <lain@soykaf.club>2020-05-17 11:40:25 +0200
commitbfdd90f6d7c9bb85e572033070d6fa7efda8aeac (patch)
tree46090fc1ce89f5a57bc9ffaac2ddbb1e2bffc5f2
parentbaef35bcc8685757b0039f76d2614bbb08e410f7 (diff)
AuthenticationPlug: Also update crypt passwords.
-rw-r--r--lib/pleroma/plugs/authentication_plug.ex12
-rw-r--r--test/plugs/authentication_plug_test.exs20
2 files changed, 30 insertions, 2 deletions
diff --git a/lib/pleroma/plugs/authentication_plug.ex b/lib/pleroma/plugs/authentication_plug.ex
index 7d7da6125..057ea42f1 100644
--- a/lib/pleroma/plugs/authentication_plug.ex
+++ b/lib/pleroma/plugs/authentication_plug.ex
@@ -31,6 +31,16 @@ defmodule Pleroma.Plugs.AuthenticationPlug do
end
def maybe_update_password(%User{password_hash: "$2" <> _} = user, password) do
+ do_update_password(user, password)
+ end
+
+ def maybe_update_password(%User{password_hash: "$6" <> _} = user, password) do
+ do_update_password(user, password)
+ end
+
+ def maybe_update_password(user, _), do: {:ok, user}
+
+ defp do_update_password(user, password) do
user
|> User.password_update_changeset(%{
"password" => password,
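Review bot: `maybe_update_password/2` is public, and its new `$6` clause, like the `$2` one, rehashes whatever plaintext it is handed without checking it against the stored hash. Its safety therefore rests on the caller having already verified `password`, a precondition the hunk never states. I would add a `@doc` above the first clause saying it must only be called after a successful password check and that it migrates legacy bcrypt (`$2`) and crypt (`$6`) hashes to the current scheme. The two clauses have identical bodies, so a one-line comment naming the scheme behind each prefix would explain why they stay separate. `do_update_password/2` continues past the end of the hunk, and whether `call/2` handles an `{:error, changeset}` from `Pleroma.Repo.update()` is not visible here.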
@@ -39,8 +49,6 @@ defmodule Pleroma.Plugs.AuthenticationPlug do
|> Pleroma.Repo.update()
end
- def maybe_update_password(user, _), do: {:ok, user}
-
def call(%{assigns: %{user: %User{}}} = conn, _), do: conn
def call(
diff --git a/test/plugs/authentication_plug_test.exs b/test/plugs/authentication_plug_test.exs
index 2c793b29a..3c70c1747 100644
--- a/test/plugs/authentication_plug_test.exs
+++ b/test/plugs/authentication_plug_test.exs
@@ -68,6 +68,26 @@ defmodule Pleroma.Plugs.AuthenticationPlugTest do
assert "$pbkdf2" <> _ = user.password_hash
end
+ test "with a crypt hash, it updates to a pkbdf2 hash", %{conn: conn} do
+ user =
+ insert(:user,
+ password_hash:
+ "$6$9psBWV8gxkGOZWBz$PmfCycChoxeJ3GgGzwvhlgacb9mUoZ.KUXNCssekER4SJ7bOK53uXrHNb2e4i8yPFgSKyzaW9CcmrDXWIEMtD1"
+ )
+
+ conn =
+ conn
+ |> assign(:auth_user, user)
+ |> assign(:auth_credentials, %{password: "password"})
+ |> AuthenticationPlug.call(%{})
+
+ assert conn.assigns.user.id == conn.assigns.auth_user.id
+ assert PlugHelper.plug_skipped?(conn, OAuthScopesPlug)
+
+ user = User.get_by_id(user.id)
+ assert "$pbkdf2" <> _ = user.password_hash
+ end
+
describe "checkpw/2" do
test "check pbkdf2 hash" do
hash =
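Review bot: The new test asserts only that the stored hash gains a `$pbkdf2` prefix, not that the migrated hash still verifies the original password. Adding `assert AuthenticationPlug.checkpw("password", user.password_hash)` after the prefix assertion would pin that, assuming `checkpw/2` is the public function the following `describe` block exercises. A companion test with non-matching credentials, asserting that the `$6` hash is left unchanged, would guard against rehashing on a failed login. The test name spells the scheme `pkbdf2`; it should read `pbkdf2`.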