CLI #25
@ -42,11 +42,12 @@ std::vector<char> Authenticator::pbkdf5(std::string password, const std::vector<
|
||||
unsigned char hash[32];
|
||||
const EVP_MD *sha256 = EVP_sha256();
|
||||
const unsigned char *rawsalt = reinterpret_cast<const unsigned char *>(salt.data());
|
||||
int ret = PKCS5_PBKDF2_HMAC(password.c_str(), password.size(), rawsalt, salt.size(), 300000, sha256, sizeof(hash), hash);
|
||||
int ret =
|
||||
PKCS5_PBKDF2_HMAC(password.c_str(), password.size(), rawsalt, salt.size(), 300000, sha256, sizeof(hash), hash);
|
||||
if(ret != 1)
|
||||
{
|
||||
Logger::error() << "Authenticator: pbkdf5: Failed to create hash";
|
||||
return { };
|
||||
return {};
|
||||
}
|
||||
std::vector<char> result;
|
||||
|
||||
|
@ -3,6 +3,7 @@
|
||||
#include <variant>
|
||||
#include "database/userdao.h"
|
||||
|
||||
#define AUTH_DEFAULT_SALT_SIZE 32
|
||||
enum AuthenticationError
|
||||
{
|
||||
UserNotFound,
|
||||
|
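Review bot: `AUTH_DEFAULT_SALT_SIZE` is introduced as an untyped preprocessor macro in a header, so it is visible to every includer and says nothing about its unit. The header already uses C++17 (`<variant>`), so a typed constant would be cleaner: `inline constexpr std::size_t AUTH_DEFAULT_SALT_SIZE = 32; // salt length in bytes` (or whatever integer type `Random::getRandom` takes). Accounts created before this change presumably still have 23-byte salts, so a short comment that verification must use the stored salt's own length, never this constant, would help the next maintainer.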
@ -15,19 +15,20 @@ Response HandlerUserSettings::handleRequest(const Request &r)
|
||||
|
||||
if(newpassword != newpasswordconfirm)
|
||||
{
|
||||
//TODO: is not nice, users has to hit the back button...
|
||||
// TODO: is not nice, users has to hit the back button...
|
||||
return this->errorResponse("Passwords don't match", "The entered new passwords don't match");
|
||||
}
|
||||
auto userDao = this->database->createUserDao();
|
||||
Authenticator authenticator(*userDao);
|
||||
|
||||
std::variant<User, AuthenticationError> authresult = authenticator.authenticate(this->userSession->user.login, oldpassword);
|
||||
std::variant<User, AuthenticationError> authresult =
|
||||
authenticator.authenticate(this->userSession->user.login, oldpassword);
|
||||
if(std::holds_alternative<AuthenticationError>(authresult))
|
||||
{
|
||||
return this->errorResponse("Invalid current password", "The old password you entered is invalid");
|
||||
}
|
||||
Random r;
|
||||
std::vector<char> salt = r.getRandom(23);
|
||||
std::vector<char> salt = r.getRandom(AUTH_DEFAULT_SALT_SIZE);
|
||||
User user = std::get<User>(authresult);
|
||||
user.salt = salt;
|
||||
user.password = authenticator.hash(newpassword, user.salt);
|
||||
|
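Review bot: The value returned by `authenticator.hash(newpassword, user.salt)` is assigned to `user.password` with no check, while the pbkdf5 hunk in this same commit returns an empty vector (`return {};`) when `PKCS5_PBKDF2_HMAC` fails. If `hash()` forwards that empty result (its body is not visible here, so please confirm), a failed derivation would be stored as the account's new password hash. A guard before the user is saved would close that: `if(user.password.empty()) return this->errorResponse("Password change failed", "The new password could not be hashed");`. The same check is worth making on `salt.size()` if `r.getRandom()` can return fewer bytes than requested. `handleRequest` continues past the end of this hunk, so the guard belongs before whatever call persists `user`.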