diff --git a/src/Security/DefaultAdminService.php b/src/Security/DefaultAdminService.php
index 22d4dd50c..1f5cf7497 100644
--- a/src/Security/DefaultAdminService.php
+++ b/src/Security/DefaultAdminService.php
@@ -171,6 +171,7 @@ class DefaultAdminService
 $admin = Member::create();
 $admin->FirstName = $name ?: $email;
 $admin->Email = $email;
+ $admin->PasswordEncryption = 'none';
 $admin->write();
 }
diff --git a/src/Security/Member.php b/src/Security/Member.php
index 40bdd9389..9061039ad 100644
--- a/src/Security/Member.php
+++ b/src/Security/Member.php
@@ -919,7 +919,7 @@ class Member extends DataObject
 // The test on $this->ID is used for when records are initially created. Note that this only works with
 // cleartext passwords, as we can't rehash existing passwords. Checking passwordChangesToWrite prevents
 // recursion between changePassword and this method.
- if ((!$this->ID && $this->Password) || ($this->isChanged('Password') && !$this->passwordChangesToWrite)) {
+ if (!$this->ID || ($this->isChanged('Password') && !$this->passwordChangesToWrite)) {
 $this->changePassword($this->Password, false);
 }
diff --git a/tests/php/Security/MemberTest.php b/tests/php/Security/MemberTest.php
index 8476380ca..e9b649ac9 100644
--- a/tests/php/Security/MemberTest.php
+++ b/tests/php/Security/MemberTest.php
@@ -115,7 +115,8 @@ class MemberTest extends FunctionalTest
 $memberNoPassword = new Member();
 $memberNoPassword->write();
- $this->assertNull(
+ $this->assertEquals(
+ Security::config()->get('password_encryption_algorithm'),
 $memberNoPassword->PasswordEncryption,
 'Password encryption is not set for new member records on first write, when not setting a "Password")'
 );
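Review bot: In `src/Security/DefaultAdminService.php`, the added `$admin->PasswordEncryption = 'none';` carries no comment explaining why the default admin is pinned to what appears to be a pass-through encryptor while other new members receive the configured algorithm. If the reason is that this record never stores a password of its own, say so above the line, for example `// No password is stored on this record; 'none' keeps Password null on first write`. It is also worth confirming that values later passed through `encryptWithUserSettings()` for this member (the autologin token hash exercised in MemberTest) are not written unhashed as a result; that method is not visible in this diff. The enclosing method starts outside the hunk.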
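Review bot: In `src/Security/Member.php`, dropping the `$this->Password` test from the condition means `changePassword($this->Password, false)` now runs for every new record, including one whose password is null or empty, and nothing in the hunk shows what is stored in that case. If `changePassword()` hashes an empty value with the configured algorithm, a password-less member could end up with a stored hash of the empty string; the updated tests assert `PasswordEncryption` but never that `Password` stays null for `$memberNoPassword`. Consider adding `$this->assertNull($memberNoPassword->Password);` to that test, and extend the comment above the condition to say that new records now always pass through `changePassword()`. The enclosing method begins and ends outside the hunk.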
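Review bot: In the `@@ -115` hunk of `tests/php/Security/MemberTest.php`, the failure message still reads 'Password encryption is not set for new member records on first write…' although the assertion now requires the field to equal the configured algorithm, so a failing run would print the opposite of what is being checked. Reword it, for example `'Password encryption defaults to the configured algorithm on first write when no "Password" is set'`, which also drops the stray closing parenthesis. `assertSame` would be the stricter choice if both sides are plain strings. The test method starts outside the hunk.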
@@ -853,15 +854,12 @@ class MemberTest extends FunctionalTest
 public function testGenerateAutologinTokenAndStoreHash()
 {
- $enc = new PasswordEncryptor_Blowfish();
-
 $m = new Member();
- $m->PasswordEncryption = 'blowfish';
- $m->Salt = $enc->salt('123');
+ $m->write();
 $token = $m->generateAutologinTokenAndStoreHash();
- $this->assertEquals($m->encryptWithUserSettings($token), $m->AutoLoginHash, 'Stores the token as ahash.');
+ $this->assertEquals($m->encryptWithUserSettings($token), $m->AutoLoginHash, 'Stores the token as a hash.');
 }
 public function testValidateAutoLoginToken()
@@ -869,13 +867,11 @@ class MemberTest extends FunctionalTest
 $enc = new PasswordEncryptor_Blowfish();
 $m1 = new Member();
- $m1->PasswordEncryption = 'blowfish';
- $m1->Salt = $enc->salt('123');
+ $m1->write();
 $m1Token = $m1->generateAutologinTokenAndStoreHash();
 $m2 = new Member();
- $m2->PasswordEncryption = 'blowfish';
- $m2->Salt = $enc->salt('456');
+ $m2->write();
 $m2->generateAutologinTokenAndStoreHash();
 $this->assertTrue($m1->validateAutoLoginToken($m1Token), 'Passes token validity test against matching member.');
@@ -899,9 +895,7 @@ class MemberTest extends FunctionalTest
 public function testRememberMeHashAutologin()
 {
- /**
- * @var Member $m1
-*/
+ /** @var Member $m1 */
 $m1 = $this->objFromFixture(Member::class, 'noexpiry');
 Injector::inst()->get(IdentityStore::class)->logIn($m1, true);
diff --git a/tests/php/Security/SecurityDefaultAdminTest.php b/tests/php/Security/SecurityDefaultAdminTest.php
index 401ba9313..9b40dd9fb 100644
--- a/tests/php/Security/SecurityDefaultAdminTest.php
+++ b/tests/php/Security/SecurityDefaultAdminTest.php
@@ -4,6 +4,7 @@ namespace SilverStripe\Security\Tests;
 use SilverStripe\Dev\SapphireTest;
 use SilverStripe\Security\Member;
+use SilverStripe\Security\PasswordEncryptor;
 use SilverStripe\Security\Permission;
 use SilverStripe\Security\DefaultAdminService;
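Review bot: In `testGenerateAutologinTokenAndStoreHash` (`@@ -853` hunk), the assertion compares `AutoLoginHash` with `encryptWithUserSettings($token)`, so it would still pass if the member's settings left the token unchanged; with the explicit `'blowfish'` setup removed, the test no longer shows that the stored value is a hash rather than the raw token. Adding `$this->assertNotEquals($token, $m->AutoLoginHash, 'Token is not stored in cleartext.');` after the existing assertion would pin that. The same applies to `$m1` and `$m2` in `testValidateAutoLoginToken`, where the `$enc = new PasswordEncryptor_Blowfish();` context line in the `@@ -869` hunk is no longer used within the hunk and looks removable, though the rest of that method lies outside it.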
@@ -77,6 +78,7 @@ class SecurityDefaultAdminTest extends SapphireTest
 $this->assertEquals($admin->Email, DefaultAdminService::getDefaultAdminUsername());
 $this->assertTrue(DefaultAdminService::isDefaultAdmin($admin->Email));
 $this->assertNull($admin->Password);
+ $this->assertArrayHasKey($admin->PasswordEncryption, PasswordEncryptor::get_encryptors());
 }
 public function testFindOrCreateAdmin()
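Review bot: The added `assertArrayHasKey($admin->PasswordEncryption, PasswordEncryptor::get_encryptors())` accepts any registered encryptor, so it does not pin the `'none'` value that `DefaultAdminService` assigns in this commit. If `'none'` is the intended contract for the default admin, `$this->assertSame('none', $admin->PasswordEncryption);` states it directly and fails if the service changes. The test method starts outside the hunk.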