Fix build

Isaac Levy 2017-09-28 19:25:07 -04:00
parent 81754ca72b
commit 20459d4d72
5 changed files with 41 additions and 36 deletions


@ -8,6 +8,7 @@ import lila.app._
import lila.common.PimpedJson._
import lila.common.{ LilaCookie, EmailAddress }
import lila.user.{ User => UserModel, UserRepo }
import UserModel.ClearPassword
import views.html
object Account extends LilaController {
@ -90,7 +91,7 @@ object Account extends LilaController {
fuccess(html.account.passwd(err))
} { data =>
HasherRateLimit(me.username) { _ =>
Env.user.authenticator.setPassword(me.id, data.newPasswd1) inject
Env.user.authenticator.setPassword(me.id, ClearPassword(data.newPasswd1)) inject
Redirect(s"${routes.Account.passwd}?ok=1")
}
}
@ -140,7 +141,7 @@ object Account extends LilaController {
FormFuResult(Env.security.forms.closeAccount) { err =>
fuccess(html.account.close(me, err))
} { password =>
Env.user.authenticator.authenticateById(me.id, password).map(_.isDefined) flatMap {
Env.user.authenticator.authenticateById(me.id, ClearPassword(password)).map(_.isDefined) flatMap {
case false => BadRequest(html.account.close(me, Env.security.forms.closeAccount)).fuccess
case true => doClose(me) inject {
Redirect(routes.User show me.username) withCookies LilaCookie.newSession
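Review bot: The close-account check `authenticateById(me.id, ClearPassword(password))` runs without the `HasherRateLimit` that guards `setPassword` in the password-change hunk above, so each submission costs a full hash comparison with no visible throttle. As shown, the account password can be retried against this form from an already-authenticated session, and the same applies to `CliAuth` in the Cli controller further down this page. Consider wrapping the call the same way, `HasherRateLimit(me.username) { _ => Env.user.authenticator.authenticateById(...) ... }`. The enclosing action starts and ends outside the hunk, so a limiter may already apply further up; that is worth confirming.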


@ -13,6 +13,7 @@ import lila.common.{ LilaCookie, HTTPRequest, IpAddress }
import lila.memo.RateLimit
import lila.security.FingerPrint
import lila.user.{ UserRepo, User => UserModel }
import UserModel.ClearPassword
import views._
object Auth extends LilaController {
@ -171,7 +172,7 @@ object Auth extends LilaController {
lila.mon.user.register.mustConfirmEmail(mustConfirm.value)()
authLog(data.username, s"Signup website must confirm email: $mustConfirm")
val email = env.emailAddressValidator.validate(data.realEmail) err s"Invalid email ${data.email}"
val passwordHash = Env.user.authenticator passEnc data.password
val passwordHash = Env.user.authenticator passEnc ClearPassword(data.password)
UserRepo.create(data.username, passwordHash, email, ctx.blindMode, none,
mustConfirmEmail = mustConfirm.value)
.flatten(s"No user could be created for ${data.username}")
@ -198,7 +199,7 @@ object Auth extends LilaController {
lila.mon.user.register.mustConfirmEmail(mustConfirm.value)()
authLog(data.username, s"Signup mobile must confirm email: $mustConfirm")
val email = env.emailAddressValidator.validate(data.realEmail) err s"Invalid email ${data.email}"
val passwordHash = Env.user.authenticator passEnc data.password
val passwordHash = Env.user.authenticator passEnc ClearPassword(data.password)
UserRepo.create(data.username, passwordHash, email, false, apiVersion.some,
mustConfirmEmail = mustConfirm.value)
.flatten(s"No user could be created for ${data.username}")
@ -323,7 +324,7 @@ object Auth extends LilaController {
fuccess(html.auth.passwordResetConfirm(user, token, err, false.some))
} { data =>
HasherRateLimit(user.username) { _ =>
Env.user.authenticator.setPassword(user.id, data.newPasswd1) >>
Env.user.authenticator.setPassword(user.id, ClearPassword(data.newPasswd1)) >>
env.store.disconnect(user.id) >>
authenticateUser(user) >>-
lila.mon.user.auth.passwordResetConfirm("success")()
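Review bot: Wrapping at the call site (`passEnc ClearPassword(data.password)`) leaves `data.password` a plain `String` on the signup form data, directly below `authLog` and `err` lines that interpolate `data` fields into messages. Having the form mapping produce `ClearPassword` itself would keep the raw string out of controller code in both signup hunks and in the password-reset hunk (`data.newPasswd1`). The definition of `ClearPassword` is not on this page; if it is a case class, its default `toString` prints the cleartext, so confirm it is overridden, for example `override def toString = "ClearPassword(****)"`. The enclosing methods start outside these hunks.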


@ -4,6 +4,7 @@ import lila.app._
import play.api.mvc._
import play.api.data._, Forms._
import lila.user.User.ClearPassword
object Cli extends LilaController {
@ -24,7 +25,7 @@ object Cli extends LilaController {
}
private def CliAuth(password: String)(op: => Fu[Result]): Fu[Result] =
Env.user.authenticator.authenticateById(Env.api.CliUsername, password).map(_.isDefined) flatMap {
Env.user.authenticator.authenticateById(Env.api.CliUsername, ClearPassword(password)).map(_.isDefined) flatMap {
_.fold(op, fuccess(Unauthorized))
}
}


@ -3,6 +3,7 @@ package lila.user
import org.specs2.mutable.Specification
import java.util.Base64
import Authenticator.AuthData
import User.{ClearPassword => P}
class AuthTest extends Specification {
@ -27,58 +28,58 @@ class AuthTest extends Specification {
// Mongo after password change
val shaUserWithKey = shaUser.copy(sha512 = Some(false))
"correct1" >> auth.compare(shaUser, "password")
"correct2" >> auth.compare(shaUserWithKey, "password")
"wrong1" >> !auth.compare(shaUser, "")
"wrong2" >> !auth.compare(shaUser, "")
"wrong sha" >> !auth.compare(shaUser.copy(sha512 = Some(true)), "password")
"correct1" >> auth.compare(shaUser, P("password"))
"correct2" >> auth.compare(shaUserWithKey, P("password"))
"wrong1" >> !auth.compare(shaUser, P(""))
"wrong2" >> !auth.compare(shaUser, P(""))
"wrong sha" >> !auth.compare(shaUser.copy(sha512 = Some(true)), P("password"))
}
"bcrypt checks" in {
val bCryptUser = AuthData(
"",
bpass = Some(Base64.getDecoder.decode(
bpass = HashedPassword(Base64.getDecoder.decode(
"+p7ysDb8OU9yMQ/LuFxFNgJ0HBKH7iJy8tkowG65NWjPC3Y6CzYV"
))
)).some
)
"correct" >> auth.compare(bCryptUser, "password")
"wrong pass" >> !auth.compare(bCryptUser, "")
"correct" >> auth.compare(bCryptUser, P("password"))
"wrong pass" >> !auth.compare(bCryptUser, P(""))
// sanity check of aes encryption
"wrong secret" >> !{
getAuth(new PasswordHasher((new Array[Byte](32)).toBase64, 2)).compare(
bCryptUser, "password"
bCryptUser, P("password")
)
}
"very long password" in {
val longPass = "a" * 100
val user = AuthData("", bpass = Some(auth.passEnc(longPass).bytes))
"correct" >> auth.compare(user, longPass)
"wrong fails" >> !auth.compare(user, "a" * 99)
val a100 = P("a" * 100)
val user = AuthData("", bpass = auth.passEnc(a100).some)
"correct" >> auth.compare(user, a100)
"wrong fails" >> !auth.compare(user, P("a" * 99))
}
"handle crazy passwords" in {
val abcUser = AuthData("", bpass = Some(auth.passEnc("abc").bytes))
val abcUser = AuthData("", bpass = auth.passEnc(P("abc")).some)
"test eq" >> auth.compare(abcUser, "abc")
"vs null bytes" >> !auth.compare(abcUser, "abc\u0000")
"vs unicode" >> !auth.compare(abcUser, "abc\uD83D\uDE01")
"vs empty" >> !auth.compare(abcUser, "")
"test eq" >> auth.compare(abcUser, P("abc"))
"vs null bytes" >> !auth.compare(abcUser, P("abc\u0000"))
"vs unicode" >> !auth.compare(abcUser, P("abc\uD83D\uDE01"))
"vs empty" >> !auth.compare(abcUser, P(""))
}
}
"migrated user" in {
val shaToBcrypt = shaUser.copy(
// generated purely from stored data
bpass = shaUser.password map { auth.passEnc(_).bytes }
bpass = shaUser.password map { p => auth.passEnc(P(p)) }
)
val shaToBcryptNoPass = shaToBcrypt.copy(password = None)
"correct" >> auth.compare(shaToBcrypt, "password")
"wrong pass" >> !auth.compare(shaToBcrypt, "")
"no pass" >> auth.compare(shaToBcryptNoPass, "password")
"wrong sha" >> !auth.compare(shaToBcryptNoPass.copy(sha512 = Some(true)), "password")
"correct" >> auth.compare(shaToBcrypt, P("password"))
"wrong pass" >> !auth.compare(shaToBcrypt, P(""))
"no pass" >> auth.compare(shaToBcryptNoPass, P("password"))
"wrong sha" >> !auth.compare(shaToBcryptNoPass.copy(sha512 = Some(true)), P("password"))
}
}
}
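Review bot: `"wrong1"` and `"wrong2"` are still identical after this change (both `!auth.compare(shaUser, P(""))`), so the rejection path for `shaUserWithKey` is never exercised; `"wrong2"` presumably should read `"wrong2" >> !auth.compare(shaUserWithKey, P(""))`. Most rejection cases in this spec use only the empty password, which would not catch a comparison that rejects empty input but accepts a near match. One non-empty wrong value per user would cover that, e.g. the constructed sample `P("passwor")`. The spec body starts outside the hunk.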


@ -2,6 +2,7 @@ package lila.user
import org.specs2.mutable.Specification
import org.mindrot.BCrypt
import User.{ClearPassword => P}
class PasswordHasherTest extends Specification {
@ -32,9 +33,9 @@ class PasswordHasherTest extends Specification {
"hasher" should {
val passHasher = new PasswordHasher(secret, 2)
val liHash = passHasher.hash("abc")
"accept good" >> passHasher.check(liHash, "abc")
"reject bad" >> !passHasher.check(liHash, "abc ")
"uniq hash" >> { liHash !== passHasher.hash("abc") }
val liHash = passHasher.hash(P("abc"))
"accept good" >> passHasher.check(liHash, P("abc"))
"reject bad" >> !passHasher.check(liHash, P("abc "))
"uniq hash" >> { liHash !== passHasher.hash(P("abc")) }
}
}
}