themaster1970sf/TShock
1
0
Fork 0
Code Issues Pull requests Projects Releases 1 Packages Wiki Activity Actions

Require minimum password length of 4, and trim new passwords for whitespace.

Browse source 
Fixes problems reported by @MarioE and @Simon311:
- Users can no longer register with whitespace for a password.
- Users can no longer register with 4 whitespaces for a password.
This commit is contained in:
Lucas Nicodemus 2015-04-13 14:24:12 -06:00
parent 845c8c4b3d
commit 12f893e0cb
3 changed files with 28 additions and 5 deletions
Download patch file Download diff file Expand all files Collapse all files

8
TShockAPI/DB/UserManager.cs
View file

@ -412,11 +412,15 @@ namespace TShockAPI.DB
/// <summary>Creates a BCrypt hash for a user and stores it in this object.</summary>
/// <param name="password">string password - the plain text password to hash</param>
public void CreateBCryptHash(string password) {
if (password.Trim().Length < Math.Max(4, TShock.Config.MinimumPasswordLength)) {
throw new ArgumentOutOfRangeException("password", "Password must be > " + TShock.Config.MinimumPasswordLength + " characters.");
}
try {
this.Password = BCrypt.Net.BCrypt.HashPassword(password, TShock.Config.BCryptWorkFactor);
this.Password = BCrypt.Net.BCrypt.HashPassword(password.Trim(), TShock.Config.BCryptWorkFactor);
} catch (ArgumentOutOfRangeException) {
TShock.Log.ConsoleError("Invalid BCrypt work factor in config file! Creating new hash using default work factor.");
this.Password = BCrypt.Net.BCrypt.HashPassword(password);
this.Password = BCrypt.Net.BCrypt.HashPassword(password.Trim());
}
}