Fixed the bug where updating the config WorkFactor would mean that users could not log into their accounts once their passwords were updated to the new WorkFactor
This commit is contained in:
White
parent
e33b6ebebc
commit
ec178f0c4a
2 changed files with 9 additions and 19 deletions
|
|
@ -122,7 +122,7 @@ namespace TShockAPI.DB
|
|||
|
||||
if (
|
||||
_database.Query("UPDATE Users SET Password = @0 WHERE Username = @1;", user.Password,
|
||||
user.Name) == 0)
|
||||
user.Name) == 0)
|
||||
throw new UserNotExistException(user.Name);
|
||||
}
|
||||
catch (Exception ex)
|
||||
|
|
@ -443,7 +443,7 @@ namespace TShockAPI.DB
|
|||
}
|
||||
catch (SaltParseException)
|
||||
{
|
||||
if (HashPassword(password).ToUpper() == Password.ToUpper())
|
||||
if (String.Equals(HashPassword(password), Password, StringComparison.InvariantCultureIgnoreCase))
|
||||
{
|
||||
// Return true to keep blank passwords working but don't convert them to bcrypt.
|
||||
if (Password == "non-existant password") {
|
||||
|
|
@ -507,16 +507,7 @@ namespace TShockAPI.DB
|
|||
{
|
||||
try
|
||||
{
|
||||
Password = BCrypt.Net.BCrypt.HashPassword(password, TShock.Config.BCryptWorkFactor);
|
||||
}
|
||||
catch (ArgumentOutOfRangeException)
|
||||
{
|
||||
TShock.Log.ConsoleError("Invalid BCrypt work factor in config file! Refusing to change work-factor on exsting password.");
|
||||
}
|
||||
|
||||
try
|
||||
{
|
||||
TShock.Users.SetUserPassword(this, Password);
|
||||
TShock.Users.SetUserPassword(this, password);
|
||||
}
|
||||
catch (UserManagerException e)
|
||||
{
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue