Mercurial > p > roundup > code

diff roundup/cgi/actions.py @ 7162:cfdcaf8b5936

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
issue2551251 - migrate pbkdf2 passwords if more rounds configured migrate/re-encrypt PBKDF2 password if stored password used a smaller number of rounds than set in password_pbkdf2_default_rounds. Also increase fallback number of rounds (when not set in config) to 2,000,000.
author John Rouillard <rouilj@ieee.org>
date Thu, 23 Feb 2023 19:34:39 -0500
parents 9fe29682dca2
children 0b52ee664580
line wrap: on
line diff
--- a/roundup/cgi/actions.py	Thu Feb 23 19:17:42 2023 -0500
+++ b/roundup/cgi/actions.py	Thu Feb 23 19:34:39 2023 -0500
@@ -1399,7 +1399,8 @@
         db = self.db
         stored = db.user.get(userid, 'password')
         if givenpw == stored:
-            if db.config.WEB_MIGRATE_PASSWORDS and stored.needs_migration():
+            if (db.config.WEB_MIGRATE_PASSWORDS and
+                stored.needs_migration(config=db.config)):
                 newpw = password.Password(givenpw, config=db.config)
                 db.user.set(userid, password=newpw)
                 db.commit()
Roundup Issue Tracker: http://roundup-tracker.org/