mirror of
https://we.phorge.it/source/phorge.git
synced 2024-11-14 10:52:41 +01:00
d122d9ec86
Summary: Fixes T5934. If you hash a password with, e.g., bcrypt, and then lose the bcrypt hasher for some reason, we currently fatal when trying to figure out if we can upgrade. Instead, detect that the current hasher implementation has vanished and let the user reset their password (for account passwords) or choose a new one (for VCS passwords)> Test Plan: Account password: - Artifically disabled bcrypt hasher. - Viewed password panel, saw warnings about missing hasher. - Used password reset workflow to change password, saw iterated MD5 hashed password get set. - Enabled bcrypt hasher again. - Saw upgrade warning. - Upgraded password to bcrypt. VCS password: - Artificially disabled bcrypt hasher. - Viewed password panel, saw warnings about missing hasher. - Reset password. - Saw iterated md5 password. - Reenabled bcrypt. - Upgraded to bcrypt. Reviewers: btrahan Reviewed By: btrahan Subscribers: epriestley Maniphest Tasks: T5934 Differential Revision: https://secure.phabricator.com/D10325 |
||
---|---|---|
.. | ||
DiffusionSetPasswordPanel.php |