moon
/
sync
mirror of https://github.com/calzoneman/sync.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Minor fix regarding password resets

This commit is contained in:
calzoneman 2013-06-20 20:12:24 -04:00
parent 7bb38ec8a5
commit bd7a41ce3d
1 changed files with 11 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
database.js
View File

@ -685,6 +685,16 @@ function setUserEmail(name, email) {
return true;
}
function genSalt() {
var chars = "abcdefgihjklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"
+ "0123456789!@#$%^&*_+=~";
var salt = [];
for(var i = 0; i < 32; i++) {
salt.push(chars[parseInt(Math.random()*chars.length)]);
}
return salt.join('');
}
function generatePasswordReset(ip, name, email) {
var db = getConnection();
if(!db) {
@ -711,7 +721,7 @@ function generatePasswordReset(ip, name, email) {
}
// Validation complete, now time to reset it
var hash = hashlib.sha256(Date.now() + name);
var hash = hashlib.sha256(genSalt() + name);
var exp = Date.now() + 24*60*60*1000;
query = createQuery(
["INSERT INTO `password_reset` (",