Changeset View
Changeset View
Standalone View
Standalone View
src/applications/auth/provider/PhabricatorAuthProviderPassword.php
Show First 20 Lines • Show All 258 Lines • ▼ Show 20 Lines | if ($request->isFormPost()) { | ||||
$username_or_email); | $username_or_email); | ||||
} | } | ||||
if ($user) { | if ($user) { | ||||
$envelope = new PhutilOpaqueEnvelope($request->getStr('password')); | $envelope = new PhutilOpaqueEnvelope($request->getStr('password')); | ||||
if ($user->comparePassword($envelope)) { | if ($user->comparePassword($envelope)) { | ||||
$account = $this->loadOrCreateAccount($user->getPHID()); | $account = $this->loadOrCreateAccount($user->getPHID()); | ||||
$log_user = $user; | $log_user = $user; | ||||
// If the user's password is stored using a less-than-optimal | |||||
// hash, upgrade them to the strongest available hash. | |||||
$hash_envelope = new PhutilOpaqueEnvelope( | |||||
$user->getPasswordHash()); | |||||
if (PhabricatorPasswordHasher::canUpgradeHash($hash_envelope)) { | |||||
$user->setPassword($envelope); | |||||
$unguarded = AphrontWriteGuard::beginScopedUnguardedWrites(); | |||||
$user->save(); | |||||
unset($unguarded); | |||||
} | |||||
} | } | ||||
} | } | ||||
} | } | ||||
} | } | ||||
} | } | ||||
if (!$account) { | if (!$account) { | ||||
if ($request->isFormPost()) { | if ($request->isFormPost()) { | ||||
▲ Show 20 Lines • Show All 66 Lines • Show Last 20 Lines |