diff --git a/TShockAPI/Commands.cs b/TShockAPI/Commands.cs
index 1d172648..5c4532a3 100755
--- a/TShockAPI/Commands.cs
+++ b/TShockAPI/Commands.cs
@@ -924,10 +924,12 @@ namespace TShockAPI
{
user.Name = args.Player.Name;
echoPassword = args.Parameters[0];
- try {
+ try
+ {
user.CreateBCryptHash(args.Parameters[0]);
}
- catch (ArgumentOutOfRangeException) {
+ catch (ArgumentOutOfRangeException)
+ {
args.Player.SendErrorMessage("Password must be greater than or equal to " + TShock.Config.MinimumPasswordLength + " characters.");
return;
}
@@ -936,9 +938,12 @@ namespace TShockAPI
{
user.Name = args.Parameters[0];
echoPassword = args.Parameters[1];
- try {
+ try
+ {
user.CreateBCryptHash(args.Parameters[1]);
- } catch (ArgumentOutOfRangeException) {
+ }
+ catch (ArgumentOutOfRangeException)
+ {
args.Player.SendErrorMessage("Password must be greater than or equal to " + TShock.Config.MinimumPasswordLength + " characters.");
return;
}
@@ -991,7 +996,9 @@ namespace TShockAPI
user.Name = args.Parameters[1];
try {
user.CreateBCryptHash(args.Parameters[2]);
- } catch (ArgumentOutOfRangeException) {
+ }
+ catch (ArgumentOutOfRangeException)
+ {
args.Player.SendErrorMessage("Password must be greater than or equal to " + TShock.Config.MinimumPasswordLength + " characters.");
return;
}
diff --git a/TShockAPI/DB/UserManager.cs b/TShockAPI/DB/UserManager.cs
index 290f06d4..9a6cc08d 100755
--- a/TShockAPI/DB/UserManager.cs
+++ b/TShockAPI/DB/UserManager.cs
@@ -348,15 +348,21 @@ namespace TShockAPI.DB
///
/// string password - The password to check against the user object.
/// bool true, if the password matched, or false, if it didn't.
- public bool VerifyPassword(string password) {
- try {
- if (BCrypt.Net.BCrypt.Verify(password, this.Password)) {
+ public bool VerifyPassword(string password)
+ {
+ try
+ {
+ if (BCrypt.Net.BCrypt.Verify(password, this.Password))
+ {
// If necessary, perform an upgrade to the highest work factor.
upgradePasswordWorkFactor(password);
return true;
}
- } catch (SaltParseException) {
- if (hashPassword(password).ToUpper() == this.Password.ToUpper()) {
+ }
+ catch (SaltParseException)
+ {
+ if (hashPassword(password).ToUpper() == this.Password.ToUpper())
+ {
// The password is not stored using BCrypt; upgrade it to BCrypt immediately
upgradePasswordToBCrypt(password);
return true;
@@ -368,21 +374,28 @@ namespace TShockAPI.DB
/// Upgrades a password to BCrypt, from an insecure hashing algorithm.
/// string password - the raw user password (unhashed) to upgrade
- protected internal void upgradePasswordToBCrypt(string password) {
+ protected internal void upgradePasswordToBCrypt(string password)
+ {
// Save the old password, in the event that we have to revert changes.
string oldpassword = this.Password;
// Convert the password to BCrypt, and save it.
- try {
+ try
+ {
this.Password = BCrypt.Net.BCrypt.HashPassword(password, TShock.Config.BCryptWorkFactor);
- } catch (ArgumentOutOfRangeException) {
+ }
+ catch (ArgumentOutOfRangeException)
+ {
TShock.Log.ConsoleError("Invalid BCrypt work factor in config file! Upgrading user password to BCrypt using default work factor.");
this.Password = BCrypt.Net.BCrypt.HashPassword(password);
}
- try {
+ try
+ {
TShock.Users.SetUserPassword(this, this.Password);
- } catch (UserManagerException e) {
+ }
+ catch (UserManagerException e)
+ {
TShock.Log.ConsoleError(e.ToString());
this.Password = oldpassword; // Revert changes
}
@@ -390,20 +403,28 @@ namespace TShockAPI.DB
/// Upgrades a password to the highest work factor available in the config.
/// string password - the raw user password (unhashed) to upgrade
- protected internal void upgradePasswordWorkFactor(string password) {
+ protected internal void upgradePasswordWorkFactor(string password)
+ {
// If the destination work factor is not greater, we won't upgrade it or re-hash it
int currentWorkFactor = Convert.ToInt32((this.Password.Split('$')[2]));
- if (currentWorkFactor < TShock.Config.BCryptWorkFactor) {
- try {
+ if (currentWorkFactor < TShock.Config.BCryptWorkFactor)
+ {
+ try
+ {
this.Password = BCrypt.Net.BCrypt.HashPassword(password, TShock.Config.BCryptWorkFactor);
- } catch (ArgumentOutOfRangeException) {
+ }
+ catch (ArgumentOutOfRangeException)
+ {
TShock.Log.ConsoleError("Invalid BCrypt work factor in config file! Refusing to change work-factor on exsting password.");
}
- try {
+ try
+ {
TShock.Users.SetUserPassword(this, this.Password);
- } catch (UserManagerException e) {
+ }
+ catch (UserManagerException e)
+ {
TShock.Log.ConsoleError(e.ToString());
}
}
@@ -411,19 +432,35 @@ namespace TShockAPI.DB
/// Creates a BCrypt hash for a user and stores it in this object.
/// string password - the plain text password to hash
- public void CreateBCryptHash(string password) {
-
- if (password.Trim().Length < Math.Max(4, TShock.Config.MinimumPasswordLength)) {
+ public void CreateBCryptHash(string password)
+ {
+ if (password.Trim().Length < Math.Max(4, TShock.Config.MinimumPasswordLength))
+ {
throw new ArgumentOutOfRangeException("password", "Password must be > " + TShock.Config.MinimumPasswordLength + " characters.");
}
- try {
+ try
+ {
this.Password = BCrypt.Net.BCrypt.HashPassword(password.Trim(), TShock.Config.BCryptWorkFactor);
- } catch (ArgumentOutOfRangeException) {
+ }
+ catch (ArgumentOutOfRangeException)
+ {
TShock.Log.ConsoleError("Invalid BCrypt work factor in config file! Creating new hash using default work factor.");
this.Password = BCrypt.Net.BCrypt.HashPassword(password.Trim());
}
}
+ /// Creates a BCrypt hash for a user and stores it in this object.
+ /// string password - the plain text password to hash
+ /// int workFactor - the work factor to use in generating the password hash
+ public void CreateBCryptHash(string password, int workFactor)
+ {
+ if (password.Trim().Length < Math.Max(4, TShock.Config.MinimumPasswordLength))
+ {
+ throw new ArgumentOutOfRangeException("password", "Password must be > " + TShock.Config.MinimumPasswordLength + " characters.");
+ }
+ this.Password = BCrypt.Net.BCrypt.HashPassword(password.Trim(), workFactor);
+ }
+
///
/// A dictionary of hashing algortihms and an implementation object.
///