Authenticate users with deprecated SHA-1 passwords

Jan Stępień 2011-09-05 01:29:48 +02:00
parent 8e23d11054
commit e5708f5ce7
2 changed files with 23 additions and 2 deletions


@ -123,8 +123,8 @@ class User < ActiveRecord::Base
return nil if candidate.nil?
if Tracks::Config.auth_schemes.include?('database')
return candidate if candidate.auth_type == 'database' &&
BCrypt::Password.new(candidate.crypted_password) == pass
return candidate if candidate.auth_type == 'database' and
candidate.password_matches? pass
end
if Tracks::Config.auth_schemes.include?('ldap')
@ -216,6 +216,14 @@ class User < ActiveRecord::Base
crypted_password =~ /^[a-f0-9]{40}$/i
end
def password_matches?(pass)
if uses_deprecated_password?
crypted_password == User.sha1(pass)
else
BCrypt::Password.new(crypted_password) == pass
end
end
protected
def self.salted(s)
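Review bot: The legacy branch of `password_matches?` accepts a SHA-1 match, but nothing in the visible hunks replaces the stored SHA-1 value afterwards, so deprecated hashes stay valid for as long as the account exists unless an upgrade happens elsewhere in this commit. Consider re-hashing the supplied password with bcrypt and saving it in the caller in the first hunk, once `password_matches?` succeeds for a user where `uses_deprecated_password?` is true; that method begins outside the hunk. The check `crypted_password == User.sha1(pass)` is an ordinary `String#==`, and a constant-time comparison is preferable where the framework version provides one. The detection regex on the context line anchors with `^`/`$`, which match per line in Ruby; `crypted_password =~ /\A[a-f0-9]{40}\z/i` pins the whole stored value. In the bcrypt branch, `BCrypt::Password.new` raises on a stored value that is not a valid bcrypt hash, so a short comment on `password_matches?` stating that it expects a database-auth user with a populated `crypted_password` would help.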