Fix hasing password on entry create. Fixes #353
All checks were successful
Create Docker Image / Test Application (x86_64) (push) Successful in 28s
Create Docker Image / Build Docker Image (arm64) (push) Successful in 2m46s
Create Docker Image / Build Docker Image (x86_64) (push) Successful in 15m7s
Create Docker Image / Final Docker Image Manifest (push) Successful in 9s
All checks were successful
Create Docker Image / Test Application (x86_64) (push) Successful in 28s
Create Docker Image / Build Docker Image (arm64) (push) Successful in 2m46s
Create Docker Image / Build Docker Image (x86_64) (push) Successful in 15m7s
Create Docker Image / Final Docker Image Manifest (push) Successful in 9s
This commit is contained in:
parent
6f58f5db36
commit
2348da36c4
@ -124,6 +124,13 @@ class HomeController extends Controller
|
||||
foreach ($request->except(self::INTERNAL_POST) as $key => $value)
|
||||
$o->{$key} = array_filter($value);
|
||||
|
||||
// We need to process and encrypt the password
|
||||
if ($request->userpassword)
|
||||
$o->userpassword = $this->password(
|
||||
$o->getObject('userpassword'),
|
||||
$request->userpassword,
|
||||
$request->get('_userpassword_hash'));
|
||||
|
||||
try {
|
||||
$o->save();
|
||||
|
||||
@ -284,25 +291,11 @@ class HomeController extends Controller
|
||||
// @todo Need to handle incoming attributes that were modified by MD5Updates Trait (eg: jpegphoto)
|
||||
|
||||
// We need to process and encrypt the password
|
||||
if ($request->userpassword) {
|
||||
$passwords = [];
|
||||
$po = $o->getObject('userpassword');
|
||||
foreach (Arr::dot($request->userpassword) as $dotkey => $value) {
|
||||
// If the password is still the MD5 of the old password, then it hasnt changed
|
||||
if (($old=Arr::get($po,$dotkey)) && ($value === md5($old))) {
|
||||
$passwords[$dotkey] = $value;
|
||||
continue;
|
||||
}
|
||||
|
||||
if ($value) {
|
||||
$type = Arr::get($request->get('_userpassword_hash'),$dotkey);
|
||||
$passwords[$dotkey] = Password::hash_id($type)
|
||||
->encode($value);
|
||||
}
|
||||
}
|
||||
|
||||
$o->userpassword = Arr::undot($passwords);
|
||||
}
|
||||
if ($request->userpassword)
|
||||
$o->userpassword = $this->password(
|
||||
$o->getObject('userpassword'),
|
||||
$request->userpassword,
|
||||
$request->get('_userpassword_hash'));
|
||||
|
||||
if (! $o->getDirty())
|
||||
return back()
|
||||
@ -478,6 +471,28 @@ class HomeController extends Controller
|
||||
->with('ldif',htmlspecialchars($x));
|
||||
}
|
||||
|
||||
private function password(Password $po,array $values,array $hash): array
|
||||
{
|
||||
// We need to process and encrypt the password
|
||||
$passwords = [];
|
||||
|
||||
foreach (Arr::dot($values) as $dotkey => $value) {
|
||||
// If the password is still the MD5 of the old password, then it hasnt changed
|
||||
if (($old=Arr::get($po,$dotkey)) && ($value === md5($old))) {
|
||||
$passwords[$dotkey] = $value;
|
||||
continue;
|
||||
}
|
||||
|
||||
if ($value) {
|
||||
$type = Arr::get($hash,$dotkey);
|
||||
$passwords[$dotkey] = Password::hash_id($type)
|
||||
->encode($value);
|
||||
}
|
||||
}
|
||||
|
||||
return Arr::undot($passwords);
|
||||
}
|
||||
|
||||
/**
|
||||
* For any incoming request, work out the command and DN involved
|
||||
*
|
||||
|
Loading…
x
Reference in New Issue
Block a user