1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-11-23 23:32:40 +01:00
phorge-phorge/src/infrastructure
epriestley d122d9ec86 Allow users to recover from a missing password hasher
Summary:
Fixes T5934. If you hash a password with, e.g., bcrypt, and then lose the bcrypt hasher for some reason, we currently fatal when trying to figure out if we can upgrade.

Instead, detect that the current hasher implementation has vanished and let the user reset their password (for account passwords) or choose a new one (for VCS passwords)>

Test Plan:
Account password:

  - Artifically disabled bcrypt hasher.
  - Viewed password panel, saw warnings about missing hasher.
  - Used password reset workflow to change password, saw iterated MD5 hashed password get set.
  - Enabled bcrypt hasher again.
  - Saw upgrade warning.
  - Upgraded password to bcrypt.

VCS password:

  - Artificially disabled bcrypt hasher.
  - Viewed password panel, saw warnings about missing hasher.
  - Reset password.
  - Saw iterated md5 password.
  - Reenabled bcrypt.
  - Upgraded to bcrypt.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T5934

Differential Revision: https://secure.phabricator.com/D10325
2014-08-21 11:30:05 -07:00
..
celerity Replace ActionHeader minicons with Font icons 2014-08-15 11:08:28 -07:00
customfield Support custom fields in "Order By" for Maniphest 2014-08-02 18:22:16 +10:00
daemon Use file.download to retrieve macro images in the IRC macro bot 2014-08-15 11:08:11 -07:00
diff Disable full screen mode for inline comments 2014-06-16 13:05:08 -07:00
edges Move board relationships to dedicated storage 2014-08-06 15:09:09 -07:00
env Be more strict about "Location:" redirects 2014-08-18 14:11:06 -07:00
events Remove all edge events 2014-07-17 15:41:42 -07:00
internationalization Add translated strings for new edge types 2014-07-17 15:43:55 -07:00
javelin Add support for aural-only and visual-only elements 2014-05-01 07:18:18 -07:00
lint/linter Rename Conduit classes 2014-07-25 10:54:15 +10:00
log Add an SSH access log 2013-12-05 17:00:48 -08:00
management Extend all "ManagementWorkflow" classes from a base class 2013-12-27 13:15:40 -08:00
markup Remarkup - add a regex to blacklist what objects get link 2014-08-14 15:20:45 -07:00
query Fix an issue where file queries would throw incorrectly 2014-08-02 14:46:36 -07:00
sms Allow worker tasks to have priorities 2014-07-12 03:02:06 +10:00
ssh Change double quotes to single quotes. 2014-06-09 11:36:50 -07:00
storage Show image dimensions and some other metadata in Differential 2014-08-13 14:41:06 -07:00
testing Be more strict about "Location:" redirects 2014-08-18 14:11:06 -07:00
time Change double quotes to single quotes. 2014-06-09 11:36:50 -07:00
util Allow users to recover from a missing password hasher 2014-08-21 11:30:05 -07:00
PhabricatorEditor.php Use ManiphestTaskQuery in nearly all interfaces 2013-09-25 13:44:14 -07:00