mirror of
https://github.com/silverstripe/silverstripe-framework
synced 2024-10-22 14:05:37 +02:00
FIX Update meber passwordencryption to default on password change
This commit is contained in:
parent
79bba8bfd1
commit
2ad3cc07d5
@ -975,8 +975,7 @@ class Member extends DataObject implements TemplateGlobalProvider {
|
|||||||
$encryption_details = Security::encrypt_password(
|
$encryption_details = Security::encrypt_password(
|
||||||
$this->Password, // this is assumed to be cleartext
|
$this->Password, // this is assumed to be cleartext
|
||||||
$this->Salt,
|
$this->Salt,
|
||||||
($this->PasswordEncryption) ?
|
$this->isChanged('PasswordEncryption') ? $this->PasswordEncryption : null,
|
||||||
$this->PasswordEncryption : Security::config()->password_encryption_algorithm,
|
|
||||||
$this
|
$this
|
||||||
);
|
);
|
||||||
|
|
||||||
|
@ -45,7 +45,21 @@ class MemberTest extends FunctionalTest {
|
|||||||
parent::tearDown();
|
parent::tearDown();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public function testPasswordEncryptionUpdatedOnChangedPassword()
|
||||||
|
{
|
||||||
|
Config::inst()->update('Security', 'password_encryption_algorithm', 'none');
|
||||||
|
$member = Member::create();
|
||||||
|
$member->SetPassword = 'password';
|
||||||
|
$member->write();
|
||||||
|
$this->assertEquals('password', $member->Password);
|
||||||
|
$this->assertEquals('none', $member->PasswordEncryption);
|
||||||
|
Config::inst()->update('Security', 'password_encryption_algorithm', 'blowfish');
|
||||||
|
$member->SetPassword = 'newpassword';
|
||||||
|
$member->write();
|
||||||
|
$this->assertNotEquals('password', $member->Password);
|
||||||
|
$this->assertNotEquals('newpassword', $member->Password);
|
||||||
|
$this->assertEquals('blowfish', $member->PasswordEncryption);
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @expectedException ValidationException
|
* @expectedException ValidationException
|
||||||
@ -94,28 +108,6 @@ class MemberTest extends FunctionalTest {
|
|||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
public function testDefaultPasswordEncryptionDoesntChangeExistingMembers() {
|
|
||||||
$member = new Member();
|
|
||||||
$member->Password = 'mypassword';
|
|
||||||
$member->PasswordEncryption = 'sha1_v2.4';
|
|
||||||
$member->write();
|
|
||||||
|
|
||||||
$origAlgo = Security::config()->password_encryption_algorithm;
|
|
||||||
Security::config()->password_encryption_algorithm = 'none';
|
|
||||||
|
|
||||||
$member->Password = 'mynewpassword';
|
|
||||||
$member->write();
|
|
||||||
|
|
||||||
$this->assertEquals(
|
|
||||||
$member->PasswordEncryption,
|
|
||||||
'sha1_v2.4'
|
|
||||||
);
|
|
||||||
$result = $member->checkPassword('mynewpassword');
|
|
||||||
$this->assertTrue($result->valid());
|
|
||||||
|
|
||||||
Security::config()->password_encryption_algorithm = $origAlgo;
|
|
||||||
}
|
|
||||||
|
|
||||||
public function testKeepsEncryptionOnEmptyPasswords() {
|
public function testKeepsEncryptionOnEmptyPasswords() {
|
||||||
$member = new Member();
|
$member = new Member();
|
||||||
$member->Password = 'mypassword';
|
$member->Password = 'mypassword';
|
||||||
@ -126,8 +118,8 @@ class MemberTest extends FunctionalTest {
|
|||||||
$member->write();
|
$member->write();
|
||||||
|
|
||||||
$this->assertEquals(
|
$this->assertEquals(
|
||||||
$member->PasswordEncryption,
|
Security::config()->get('password_encryption_algorithm'),
|
||||||
'sha1_v2.4'
|
$member->PasswordEncryption
|
||||||
);
|
);
|
||||||
$result = $member->checkPassword('');
|
$result = $member->checkPassword('');
|
||||||
$this->assertTrue($result->valid());
|
$this->assertTrue($result->valid());
|
||||||
|
Loading…
Reference in New Issue
Block a user