Update legacy passwords automatically.

This commit is contained in:
lain 2018-09-05 22:30:14 +02:00
parent c0e067c74e
commit 44b094908c
2 changed files with 23 additions and 9 deletions

View File

@ -17,11 +17,15 @@ def call(
} = conn, } = conn,
_ _
) do ) do
if :crypt.crypt(password, password_hash) == password_hash do with ^password_hash <- :crypt.crypt(password, password_hash),
{:ok, user} <-
User.reset_password(auth_user, %{password: password, password_confirmation: password}) do
conn conn
|> assign(:user, auth_user) |> assign(:auth_user, user)
|> assign(:user, user)
else else
conn _ ->
conn
end end
end end

View File

@ -4,6 +4,8 @@ defmodule Pleroma.Plugs.LegacyAuthenticationPlugTest do
alias Pleroma.Plugs.LegacyAuthenticationPlug alias Pleroma.Plugs.LegacyAuthenticationPlug
alias Pleroma.User alias Pleroma.User
import Mock
setup do setup do
# password is "password" # password is "password"
user = %User{ user = %User{
@ -30,19 +32,27 @@ test "it does nothing if a user is assigned", %{conn: conn, user: user} do
assert ret_conn == conn assert ret_conn == conn
end end
test "it authenticates the auth_user if present and password is correct", %{ test "it authenticates the auth_user if present and password is correct and resets the password",
conn: conn, %{
user: user conn: conn,
} do user: user
} do
conn = conn =
conn conn
|> assign(:auth_credentials, %{username: "dude", password: "password"}) |> assign(:auth_credentials, %{username: "dude", password: "password"})
|> assign(:auth_user, user) |> assign(:auth_user, user)
conn = conn =
conn with_mock User,
|> LegacyAuthenticationPlug.call(%{}) reset_password: fn user, %{password: password, password_confirmation: password} ->
send(self, :reset_password)
{:ok, user}
end do
conn
|> LegacyAuthenticationPlug.call(%{})
end
assert_received :reset_password
assert conn.assigns.user == user assert conn.assigns.user == user
end end