author | Matthew Somerville <matthew-github@dracos.co.uk> | 2018-01-30 14:18:11 +0000 |
---|---|---|
committer | Matthew Somerville <matthew-github@dracos.co.uk> | 2018-02-01 16:41:27 +0000 |
commit | 4ad2c0028f6b5a56d3a455cd7e3f04d9bd0ea722 (patch) | |
tree | d9b2ce1ab4b3d3fac2e173a34eda735e73e35d80 | |
parent | 124e3d1ab3b5213daf7a3c7ceee9f65ddd453928 (diff) |
Increase bcrypt cost.
Though when running tests, decrease it for speed.
-rw-r--r-- | perllib/FixMyStreet/App/Controller/Auth.pm | 6 | ||||
-rw-r--r-- | perllib/FixMyStreet/DB/Result/User.pm | 6 | ||||
-rw-r--r-- | perllib/FixMyStreet/Test.pm | 13 |
3 files changed, 18 insertions, 7 deletions
diff --git a/perllib/FixMyStreet/App/Controller/Auth.pm b/perllib/FixMyStreet/App/Controller/Auth.pm index 455022e03..fe980af0d 100644 --- a/perllib/FixMyStreet/App/Controller/Auth.pm +++ b/perllib/FixMyStreet/App/Controller/Auth.pm @@ -84,6 +84,12 @@ sub sign_in : Private { my $parsed = FixMyStreet::SMS->parse_username($username); if ($parsed->{username} && $password && $c->forward('authenticate', [ $parsed->{type}, $parsed->{username}, $password ])) { + # Upgrade hash count if necessary + my $cost = sprintf("%02d", FixMyStreet::DB::Result::User->cost); + if ($c->user->password !~ /^\$2a\$$cost\$/) { + $c->user->update({ password => $password }); + } + # unless user asked to be remembered limit the session to browser $c->set_session_cookie_expire(0) unless $remember_me; diff --git a/perllib/FixMyStreet/DB/Result/User.pm b/perllib/FixMyStreet/DB/Result/User.pm index d02039ac3..27ba9f0e3 100644 --- a/perllib/FixMyStreet/DB/Result/User.pm +++ b/perllib/FixMyStreet/DB/Result/User.pm @@ -125,11 +125,15 @@ with 'FixMyStreet::Roles::Extra'; __PACKAGE__->many_to_many( planned_reports => 'user_planned_reports', 'report' ); +sub cost { + FixMyStreet->test_mode ? 1 : 12; +} + __PACKAGE__->add_columns( "password" => { encode_column => 1, encode_class => 'Crypt::Eksblowfish::Bcrypt', - encode_args => { cost => 8 }, + encode_args => { cost => cost() }, encode_check_method => 'check_password', }, ); diff --git a/perllib/FixMyStreet/Test.pm b/perllib/FixMyStreet/Test.pm index 572ae0a44..aa1a63c21 100644 --- a/perllib/FixMyStreet/Test.pm +++ b/perllib/FixMyStreet/Test.pm @@ -7,6 +7,13 @@ use warnings FATAL => 'all'; use utf8; use Test::More; use mySociety::Locale; + +BEGIN { + use FixMyStreet; + FixMyStreet->test_mode(1); + mySociety::Locale::gettext_domain('FixMyStreet', 1); +} + use FixMyStreet::DB; my $db = FixMyStreet::DB->schema->storage; 
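Review bot: The new check in `sign_in`, `$c->user->password !~ /^\$2a\$$cost\$/`, is an exact-prefix test, so it rewrites the stored hash whenever the cost differs in either direction, not only when the stored cost is lower. If the configured cost is ever smaller than the stored one (including the value 1 that `User->cost` returns in test mode), a successful sign-in would replace a stronger hash with a weaker one. Consider capturing the stored cost and comparing numerically, e.g. `my ($stored) = $c->user->password =~ /^\$2a\$(\d\d)\$/;` followed by `if (!defined $stored || $stored < $cost) { ... }`, and rewording the comment to `# Re-hash the password if it was stored with a lower bcrypt cost`. Accounts that never sign in with a password keep their old-cost hashes, which matters to anyone assessing the exposure of a leaked user table. The body of `sign_in` continues outside the hunk.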
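Review bot: `encode_args => { cost => cost() }` is evaluated once, when `add_columns` runs as this class is loaded, whereas `sign_in` in Auth.pm calls `User->cost` on every request. If `test_mode` changes after load, or is set only after this file has been compiled, the two values disagree and every password sign-in would take the re-hash branch without the stored cost ever matching. A comment on `cost` such as `# bcrypt cost for new password hashes; read once at class load, so test_mode must be set before this file is loaded` would record that, and an explicit `return` would make the sub's value obvious. The same comment should state that the test-mode cost of 1 must never be active on a deployed instance, since hashes written at that cost are cheap to brute-force.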
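Review bot: The moved `BEGIN` block now has to stay above `use FixMyStreet::DB;`, but nothing in the file says so. The reason appears to be that User.pm reads `FixMyStreet->test_mode` when it is loaded to choose the bcrypt cost, so a later tidy-up of the `use` lines could silently put the tests back on the production cost. A comment above the block would guard against that: `# Must run before FixMyStreet::DB is loaded: the User result class picks its bcrypt cost from test_mode at load time.`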
@@ -19,12 +26,6 @@ sub import { $db->txn_begin; } -BEGIN { - use FixMyStreet; - FixMyStreet->test_mode(1); - mySociety::Locale::gettext_domain('FixMyStreet', 1); -} - END { $db->txn_rollback if $db; } |