authenticator.cpp

@@ -42,11 +42,12 @@ std::vector<char> Authenticator::pbkdf5(std::string password, const std::vector<
 	unsigned char hash[32];
 	const EVP_MD *sha256 = EVP_sha256();
 	const unsigned char *rawsalt = reinterpret_cast<const unsigned char *>(salt.data());
-	int ret = PKCS5_PBKDF2_HMAC(password.c_str(), password.size(), rawsalt, salt.size(), 300000, sha256, sizeof(hash), hash);
+	int ret =
+		PKCS5_PBKDF2_HMAC(password.c_str(), password.size(), rawsalt, salt.size(), 300000, sha256, sizeof(hash), hash);
 	if(ret != 1)
 	{
 		Logger::error() << "Authenticator: pbkdf5: Failed to create hash";
-		return { };
+		return {};
 	}
 	std::vector<char> result;
 

authenticator.h

@@ -3,6 +3,7 @@
 #include <variant>
 #include "database/userdao.h"
 
+#define AUTH_DEFAULT_SALT_SIZE 32
 enum AuthenticationError
 {
 	UserNotFound,

handlers/handlerusersettings.cpp

@@ -15,19 +15,20 @@ Response HandlerUserSettings::handleRequest(const Request &r)
 
 			if(newpassword != newpasswordconfirm)
 			{
-				//TODO: is not nice, users has to hit the back button...
+				// TODO: is not nice, users has to hit the back button...
 				return this->errorResponse("Passwords don't match", "The entered new passwords don't match");
 			}
 			auto userDao = this->database->createUserDao();
 			Authenticator authenticator(*userDao);
 
-			std::variant<User, AuthenticationError> authresult = authenticator.authenticate(this->userSession->user.login, oldpassword);
+			std::variant<User, AuthenticationError> authresult =
+				authenticator.authenticate(this->userSession->user.login, oldpassword);
 			if(std::holds_alternative<AuthenticationError>(authresult))
 			{
 				return this->errorResponse("Invalid current password", "The old password you entered is invalid");
 			}
 			Random r;
-			std::vector<char> salt = r.getRandom(23);
+			std::vector<char> salt = r.getRandom(AUTH_DEFAULT_SALT_SIZE);
 			User user = std::get<User>(authresult);
 			user.salt = salt;
 			user.password = authenticator.hash(newpassword, user.salt);