revi-archive/phorge-phorge
1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2025-02-10 13:58:34 +01:00
Code Issues Releases Wiki Activity
phorge-phorge/src/applications/settings/panel
History
epriestley d122d9ec86 Allow users to recover from a missing password hasher 
Summary:
Fixes T5934. If you hash a password with, e.g., bcrypt, and then lose the bcrypt hasher for some reason, we currently fatal when trying to figure out if we can upgrade.

Instead, detect that the current hasher implementation has vanished and let the user reset their password (for account passwords) or choose a new one (for VCS passwords)>

Test Plan:
Account password:

  - Artifically disabled bcrypt hasher.
  - Viewed password panel, saw warnings about missing hasher.
  - Used password reset workflow to change password, saw iterated MD5 hashed password get set.
  - Enabled bcrypt hasher again.
  - Saw upgrade warning.
  - Upgraded password to bcrypt.

VCS password:

  - Artificially disabled bcrypt hasher.
  - Viewed password panel, saw warnings about missing hasher.
  - Reset password.
  - Saw iterated md5 password.
  - Reenabled bcrypt.
  - Upgraded to bcrypt.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T5934

Differential Revision: https://secure.phabricator.com/D10325
2014-08-21 11:30:05 -07:00
..
PhabricatorSettingsPanel.php Allow installs to require multi-factor authentication for all users 2014-06-03 16:50:27 -07:00
PhabricatorSettingsPanelAccount.php Change double quotes to single quotes. 2014-06-09 11:36:50 -07:00
PhabricatorSettingsPanelActivity.php Move activity log rendering to a dashboard panel 2014-05-15 19:17:02 -07:00
PhabricatorSettingsPanelConduit.php Make many actions require high security 2014-04-30 17:44:59 -07:00
PhabricatorSettingsPanelConpherencePreferences.php Rename PhabricatorApplication subclasses 2014-07-23 10:03:09 +10:00
PhabricatorSettingsPanelDeveloperPreferences.php Various linter fixes. 2014-02-26 12:44:58 -08:00
PhabricatorSettingsPanelDiffPreferences.php Change double quotes to single quotes. 2014-06-09 11:36:50 -07:00
PhabricatorSettingsPanelDisplayPreferences.php Settings - upgrade monospace font regexp to support '.' 2014-08-06 13:53:30 -07:00
PhabricatorSettingsPanelEmailAddresses.php Rename AphrontQueryException subclasses 2014-08-06 07:51:21 +10:00
PhabricatorSettingsPanelEmailFormat.php HTML emails 2014-08-15 08:12:21 -07:00
PhabricatorSettingsPanelEmailPreferences.php Allow users to set notifications to "Email", "Notification", or "Ignore" 2014-08-12 12:29:03 -07:00
PhabricatorSettingsPanelExternalAccounts.php Introduce CAN_EDIT for ExternalAccount, and make CAN_VIEW more liberal 2014-07-10 10:18:10 -07:00
PhabricatorSettingsPanelHomePreferences.php Rename PhabricatorApplication subclasses 2014-07-23 10:03:09 +10:00
PhabricatorSettingsPanelMultiFactor.php Terminate other sessions on credential changes 2014-08-04 12:04:35 -07:00
PhabricatorSettingsPanelPassword.php Allow users to recover from a missing password hasher 2014-08-21 11:30:05 -07:00
PhabricatorSettingsPanelSearchPreferences.php Various linter fixes. 2014-02-26 12:44:58 -08:00
PhabricatorSettingsPanelSessions.php Remove user-independent date and time functions from Phabricator 2014-07-13 12:03:17 +10:00
PhabricatorSettingsPanelSSHKeys.php SSH Keys - allow viewer to download the private key 2014-08-20 16:22:06 -07:00
PhabricatorSettingsPanelTokens.php Add an explicit temporary token management page to Settings 2014-08-04 12:04:13 -07:00