diff options
| author | rinpatch <rinpatch@sdf.org> | 2020-05-18 07:57:13 +0000 |
|---|---|---|
| committer | rinpatch <rinpatch@sdf.org> | 2020-05-18 07:57:13 +0000 |
| commit | 1199cf3a788334cd3fdb968d9f736e43c1401da1 (patch) | |
| tree | 61fc3e5a4a941a1e5e4b39b3e8009d6cbe6cf00b /test | |
| parent | b0ccdb5af4baa119b336298d38f34746cdce0111 (diff) | |
| parent | 8bfd9710ae70204b29e184f08d78b95a2f81ad6c (diff) | |
| download | pleroma-1199cf3a788334cd3fdb968d9f736e43c1401da1.tar.gz | |
Merge branch '1763-password-updates' into 'develop'
Authentication Plug: Update bcrypt password on login.
Closes #1763
See merge request pleroma/pleroma!2542
Diffstat (limited to 'test')
| -rw-r--r-- | test/plugs/authentication_plug_test.exs | 34 | ||||
| -rw-r--r-- | test/web/auth/pleroma_authenticator_test.exs | 9 |
2 files changed, 37 insertions, 6 deletions
diff --git a/test/plugs/authentication_plug_test.exs b/test/plugs/authentication_plug_test.exs index c8ede71c0..3c70c1747 100644 --- a/test/plugs/authentication_plug_test.exs +++ b/test/plugs/authentication_plug_test.exs @@ -11,6 +11,7 @@ defmodule Pleroma.Plugs.AuthenticationPlugTest do alias Pleroma.User import ExUnit.CaptureLog + import Pleroma.Factory setup %{conn: conn} do user = %User{ @@ -50,16 +51,41 @@ defmodule Pleroma.Plugs.AuthenticationPlugTest do assert PlugHelper.plug_skipped?(conn, OAuthScopesPlug) end - test "with a wrong password in the credentials, it does nothing", %{conn: conn} do + test "with a bcrypt hash, it updates to a pkbdf2 hash", %{conn: conn} do + user = insert(:user, password_hash: Bcrypt.hash_pwd_salt("123")) + assert "$2" <> _ = user.password_hash + conn = conn - |> assign(:auth_credentials, %{password: "wrong"}) + |> assign(:auth_user, user) + |> assign(:auth_credentials, %{password: "123"}) + |> AuthenticationPlug.call(%{}) - ret_conn = + assert conn.assigns.user.id == conn.assigns.auth_user.id + assert PlugHelper.plug_skipped?(conn, OAuthScopesPlug) + + user = User.get_by_id(user.id) + assert "$pbkdf2" <> _ = user.password_hash + end + + test "with a crypt hash, it updates to a pkbdf2 hash", %{conn: conn} do + user = + insert(:user, + password_hash: + "$6$9psBWV8gxkGOZWBz$PmfCycChoxeJ3GgGzwvhlgacb9mUoZ.KUXNCssekER4SJ7bOK53uXrHNb2e4i8yPFgSKyzaW9CcmrDXWIEMtD1" + ) + + conn = conn + |> assign(:auth_user, user) + |> assign(:auth_credentials, %{password: "password"}) |> AuthenticationPlug.call(%{}) - assert conn == ret_conn + assert conn.assigns.user.id == conn.assigns.auth_user.id + assert PlugHelper.plug_skipped?(conn, OAuthScopesPlug) + + user = User.get_by_id(user.id) + assert "$pbkdf2" <> _ = user.password_hash end describe "checkpw/2" do diff --git a/test/web/auth/pleroma_authenticator_test.exs b/test/web/auth/pleroma_authenticator_test.exs index 5a421e5ed..731bd5932 100644 --- a/test/web/auth/pleroma_authenticator_test.exs +++ b/test/web/auth/pleroma_authenticator_test.exs @@ -15,11 +15,16 @@ defmodule Pleroma.Web.Auth.PleromaAuthenticatorTest do {:ok, [user: user, name: name, password: password]} end - test "get_user/authorization", %{user: user, name: name, password: password} do + test "get_user/authorization", %{name: name, password: password} do + name = name <> "1" + user = insert(:user, nickname: name, password_hash: Bcrypt.hash_pwd_salt(password)) + params = %{"authorization" => %{"name" => name, "password" => password}} res = PleromaAuthenticator.get_user(%Plug.Conn{params: params}) - assert {:ok, user} == res + assert {:ok, returned_user} = res + assert returned_user.id == user.id + assert "$pbkdf2" <> _ = returned_user.password_hash end test "get_user/authorization with invalid password", %{name: name} do |