diff options
| author | Matthew Somerville <matthew-github@dracos.co.uk> | 2018-01-30 14:18:11 +0000 |
|---|---|---|
| committer | Matthew Somerville <matthew-github@dracos.co.uk> | 2018-02-01 16:41:27 +0000 |
| commit | 4ad2c0028f6b5a56d3a455cd7e3f04d9bd0ea722 (patch) | |
| tree | d9b2ce1ab4b3d3fac2e173a34eda735e73e35d80 /perllib/FixMyStreet/App/Controller/Auth.pm | |
| parent | 124e3d1ab3b5213daf7a3c7ceee9f65ddd453928 (diff) | |
Increase bcrypt cost.
Though when running tests, decrease it for speed.
Diffstat (limited to 'perllib/FixMyStreet/App/Controller/Auth.pm')
| -rw-r--r-- | perllib/FixMyStreet/App/Controller/Auth.pm | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/perllib/FixMyStreet/App/Controller/Auth.pm b/perllib/FixMyStreet/App/Controller/Auth.pm index 455022e03..fe980af0d 100644 --- a/perllib/FixMyStreet/App/Controller/Auth.pm +++ b/perllib/FixMyStreet/App/Controller/Auth.pm @@ -84,6 +84,12 @@ sub sign_in : Private { my $parsed = FixMyStreet::SMS->parse_username($username); if ($parsed->{username} && $password && $c->forward('authenticate', [ $parsed->{type}, $parsed->{username}, $password ])) { + # Upgrade hash count if necessary + my $cost = sprintf("%02d", FixMyStreet::DB::Result::User->cost); + if ($c->user->password !~ /^\$2a\$$cost\$/) { + $c->user->update({ password => $password }); + } + # unless user asked to be remembered limit the session to browser $c->set_session_cookie_expire(0) unless $remember_me; |