Fix build
parent
81754ca72b
commit
20459d4d72
|
@ -8,6 +8,7 @@ import lila.app._
|
|||
import lila.common.PimpedJson._
|
||||
import lila.common.{ LilaCookie, EmailAddress }
|
||||
import lila.user.{ User => UserModel, UserRepo }
|
||||
import UserModel.ClearPassword
|
||||
import views.html
|
||||
|
||||
object Account extends LilaController {
|
||||
|
@ -90,7 +91,7 @@ object Account extends LilaController {
|
|||
fuccess(html.account.passwd(err))
|
||||
} { data =>
|
||||
HasherRateLimit(me.username) { _ =>
|
||||
Env.user.authenticator.setPassword(me.id, data.newPasswd1) inject
|
||||
Env.user.authenticator.setPassword(me.id, ClearPassword(data.newPasswd1)) inject
|
||||
Redirect(s"${routes.Account.passwd}?ok=1")
|
||||
}
|
||||
}
|
||||
|
@ -140,7 +141,7 @@ object Account extends LilaController {
|
|||
FormFuResult(Env.security.forms.closeAccount) { err =>
|
||||
fuccess(html.account.close(me, err))
|
||||
} { password =>
|
||||
Env.user.authenticator.authenticateById(me.id, password).map(_.isDefined) flatMap {
|
||||
Env.user.authenticator.authenticateById(me.id, ClearPassword(password)).map(_.isDefined) flatMap {
|
||||
case false => BadRequest(html.account.close(me, Env.security.forms.closeAccount)).fuccess
|
||||
case true => doClose(me) inject {
|
||||
Redirect(routes.User show me.username) withCookies LilaCookie.newSession
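Review bot: The account-close hunk calls `authenticateById(me.id, ClearPassword(password))` with no `HasherRateLimit` around it, while the password-change hunk above wraps `setPassword` in `HasherRateLimit(me.username) { _ => … }`. Each submission of the close form runs a password check, so a hijacked session could test password guesses as fast as the hasher allows. Unless a limiter is applied outside the visible lines, wrap the check the same way the password-change path does, `HasherRateLimit(me.username) { _ => … }` around the `authenticateById` call. `CliAuth` in the Cli controller section has the same shape and is visible in full without a limiter. The enclosing action here starts and ends outside the hunk.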
|
||||
|
|
|
@ -13,6 +13,7 @@ import lila.common.{ LilaCookie, HTTPRequest, IpAddress }
|
|||
import lila.memo.RateLimit
|
||||
import lila.security.FingerPrint
|
||||
import lila.user.{ UserRepo, User => UserModel }
|
||||
import UserModel.ClearPassword
|
||||
import views._
|
||||
|
||||
object Auth extends LilaController {
|
||||
|
@ -171,7 +172,7 @@ object Auth extends LilaController {
|
|||
lila.mon.user.register.mustConfirmEmail(mustConfirm.value)()
|
||||
authLog(data.username, s"Signup website must confirm email: $mustConfirm")
|
||||
val email = env.emailAddressValidator.validate(data.realEmail) err s"Invalid email ${data.email}"
|
||||
val passwordHash = Env.user.authenticator passEnc data.password
|
||||
val passwordHash = Env.user.authenticator passEnc ClearPassword(data.password)
|
||||
UserRepo.create(data.username, passwordHash, email, ctx.blindMode, none,
|
||||
mustConfirmEmail = mustConfirm.value)
|
||||
.flatten(s"No user could be created for ${data.username}")
|
||||
|
@ -198,7 +199,7 @@ object Auth extends LilaController {
|
|||
lila.mon.user.register.mustConfirmEmail(mustConfirm.value)()
|
||||
authLog(data.username, s"Signup mobile must confirm email: $mustConfirm")
|
||||
val email = env.emailAddressValidator.validate(data.realEmail) err s"Invalid email ${data.email}"
|
||||
val passwordHash = Env.user.authenticator passEnc data.password
|
||||
val passwordHash = Env.user.authenticator passEnc ClearPassword(data.password)
|
||||
UserRepo.create(data.username, passwordHash, email, false, apiVersion.some,
|
||||
mustConfirmEmail = mustConfirm.value)
|
||||
.flatten(s"No user could be created for ${data.username}")
|
||||
|
@ -323,7 +324,7 @@ object Auth extends LilaController {
|
|||
fuccess(html.auth.passwordResetConfirm(user, token, err, false.some))
|
||||
} { data =>
|
||||
HasherRateLimit(user.username) { _ =>
|
||||
Env.user.authenticator.setPassword(user.id, data.newPasswd1) >>
|
||||
Env.user.authenticator.setPassword(user.id, ClearPassword(data.newPasswd1)) >>
|
||||
env.store.disconnect(user.id) >>
|
||||
authenticateUser(user) >>-
|
||||
lila.mon.user.auth.passwordResetConfirm("success")()
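Review bot: `ClearPassword(data.password)` in the two signup hunks is built with apply syntax right next to `authLog` calls and interpolated error strings, and the type's definition is not part of this page; if it is a plain case class, its generated `toString` prints the plaintext. Overriding it on the wrapper, for example `override def toString = "ClearPassword(****)"`, would keep a wrapped password out of logs and exception messages if it is ever interpolated. Nothing in the visible lines interpolates it, so this is a hardening suggestion for the wrapper, not a bug in these hunks. The signup and reset functions continue outside the hunks.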
|
||||
|
|
|
@ -4,6 +4,7 @@ import lila.app._
|
|||
|
||||
import play.api.mvc._
|
||||
import play.api.data._, Forms._
|
||||
import lila.user.User.ClearPassword
|
||||
|
||||
object Cli extends LilaController {
|
||||
|
||||
|
@ -24,7 +25,7 @@ object Cli extends LilaController {
|
|||
}
|
||||
|
||||
private def CliAuth(password: String)(op: => Fu[Result]): Fu[Result] =
|
||||
Env.user.authenticator.authenticateById(Env.api.CliUsername, password).map(_.isDefined) flatMap {
|
||||
Env.user.authenticator.authenticateById(Env.api.CliUsername, ClearPassword(password)).map(_.isDefined) flatMap {
|
||||
_.fold(op, fuccess(Unauthorized))
|
||||
}
|
||||
}
|
||||
|
|
|
@ -3,6 +3,7 @@ package lila.user
|
|||
import org.specs2.mutable.Specification
|
||||
import java.util.Base64
|
||||
import Authenticator.AuthData
|
||||
import User.{ClearPassword => P}
|
||||
|
||||
class AuthTest extends Specification {
|
||||
|
||||
|
@ -27,58 +28,58 @@ class AuthTest extends Specification {
|
|||
// Mongo after password change
|
||||
val shaUserWithKey = shaUser.copy(sha512 = Some(false))
|
||||
|
||||
"correct1" >> auth.compare(shaUser, "password")
|
||||
"correct2" >> auth.compare(shaUserWithKey, "password")
|
||||
"wrong1" >> !auth.compare(shaUser, "")
|
||||
"wrong2" >> !auth.compare(shaUser, "")
|
||||
"wrong sha" >> !auth.compare(shaUser.copy(sha512 = Some(true)), "password")
|
||||
"correct1" >> auth.compare(shaUser, P("password"))
|
||||
"correct2" >> auth.compare(shaUserWithKey, P("password"))
|
||||
"wrong1" >> !auth.compare(shaUser, P(""))
|
||||
"wrong2" >> !auth.compare(shaUser, P(""))
|
||||
"wrong sha" >> !auth.compare(shaUser.copy(sha512 = Some(true)), P("password"))
|
||||
}
|
||||
|
||||
"bcrypt checks" in {
|
||||
val bCryptUser = AuthData(
|
||||
"",
|
||||
bpass = Some(Base64.getDecoder.decode(
|
||||
bpass = HashedPassword(Base64.getDecoder.decode(
|
||||
"+p7ysDb8OU9yMQ/LuFxFNgJ0HBKH7iJy8tkowG65NWjPC3Y6CzYV"
|
||||
))
|
||||
)).some
|
||||
)
|
||||
"correct" >> auth.compare(bCryptUser, "password")
|
||||
"wrong pass" >> !auth.compare(bCryptUser, "")
|
||||
"correct" >> auth.compare(bCryptUser, P("password"))
|
||||
"wrong pass" >> !auth.compare(bCryptUser, P(""))
|
||||
|
||||
// sanity check of aes encryption
|
||||
"wrong secret" >> !{
|
||||
getAuth(new PasswordHasher((new Array[Byte](32)).toBase64, 2)).compare(
|
||||
bCryptUser, "password"
|
||||
bCryptUser, P("password")
|
||||
)
|
||||
}
|
||||
|
||||
"very long password" in {
|
||||
val longPass = "a" * 100
|
||||
val user = AuthData("", bpass = Some(auth.passEnc(longPass).bytes))
|
||||
"correct" >> auth.compare(user, longPass)
|
||||
"wrong fails" >> !auth.compare(user, "a" * 99)
|
||||
val a100 = P("a" * 100)
|
||||
val user = AuthData("", bpass = auth.passEnc(a100).some)
|
||||
"correct" >> auth.compare(user, a100)
|
||||
"wrong fails" >> !auth.compare(user, P("a" * 99))
|
||||
}
|
||||
|
||||
"handle crazy passwords" in {
|
||||
val abcUser = AuthData("", bpass = Some(auth.passEnc("abc").bytes))
|
||||
val abcUser = AuthData("", bpass = auth.passEnc(P("abc")).some)
|
||||
|
||||
"test eq" >> auth.compare(abcUser, "abc")
|
||||
"vs null bytes" >> !auth.compare(abcUser, "abc\u0000")
|
||||
"vs unicode" >> !auth.compare(abcUser, "abc\uD83D\uDE01")
|
||||
"vs empty" >> !auth.compare(abcUser, "")
|
||||
"test eq" >> auth.compare(abcUser, P("abc"))
|
||||
"vs null bytes" >> !auth.compare(abcUser, P("abc\u0000"))
|
||||
"vs unicode" >> !auth.compare(abcUser, P("abc\uD83D\uDE01"))
|
||||
"vs empty" >> !auth.compare(abcUser, P(""))
|
||||
}
|
||||
}
|
||||
|
||||
"migrated user" in {
|
||||
val shaToBcrypt = shaUser.copy(
|
||||
// generated purely from stored data
|
||||
bpass = shaUser.password map { auth.passEnc(_).bytes }
|
||||
bpass = shaUser.password map { p => auth.passEnc(P(p)) }
|
||||
)
|
||||
|
||||
val shaToBcryptNoPass = shaToBcrypt.copy(password = None)
|
||||
|
||||
"correct" >> auth.compare(shaToBcrypt, "password")
|
||||
"wrong pass" >> !auth.compare(shaToBcrypt, "")
|
||||
"no pass" >> auth.compare(shaToBcryptNoPass, "password")
|
||||
"wrong sha" >> !auth.compare(shaToBcryptNoPass.copy(sha512 = Some(true)), "password")
|
||||
"correct" >> auth.compare(shaToBcrypt, P("password"))
|
||||
"wrong pass" >> !auth.compare(shaToBcrypt, P(""))
|
||||
"no pass" >> auth.compare(shaToBcryptNoPass, P("password"))
|
||||
"wrong sha" >> !auth.compare(shaToBcryptNoPass.copy(sha512 = Some(true)), P("password"))
|
||||
}
|
||||
}
|
||||
}
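Review bot: `"wrong1"` and `"wrong2"` are the same assertion, `!auth.compare(shaUser, P(""))`, so the keyed SHA user is never checked against a wrong password. The second was presumably meant to be `"wrong2" >> !auth.compare(shaUserWithKey, P(""))`. Most rejection cases in this spec also use the empty string; one non-empty near-miss per user, such as `P("password ")`, would show that rejection does not depend on the input being empty. The enclosing spec block starts outside the hunk.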
|
||||
|
|
|
@ -2,6 +2,7 @@ package lila.user
|
|||
|
||||
import org.specs2.mutable.Specification
|
||||
import org.mindrot.BCrypt
|
||||
import User.{ClearPassword => P}
|
||||
|
||||
class PasswordHasherTest extends Specification {
|
||||
|
||||
|
@ -32,9 +33,9 @@ class PasswordHasherTest extends Specification {
|
|||
|
||||
"hasher" should {
|
||||
val passHasher = new PasswordHasher(secret, 2)
|
||||
val liHash = passHasher.hash("abc")
|
||||
"accept good" >> passHasher.check(liHash, "abc")
|
||||
"reject bad" >> !passHasher.check(liHash, "abc ")
|
||||
"uniq hash" >> { liHash !== passHasher.hash("abc") }
|
||||
val liHash = passHasher.hash(P("abc"))
|
||||
"accept good" >> passHasher.check(liHash, P("abc"))
|
||||
"reject bad" >> !passHasher.check(liHash, P("abc "))
|
||||
"uniq hash" >> { liHash !== passHasher.hash(P("abc")) }
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|