akkoma/lib/pleroma/password.ex

defmodule Pleroma.Password do
  @moduledoc """
  This module handles password hashing and verification.
  It will delegate to the appropriate module based on the password hash.
  It also handles upgrading of password hashes.
  """

  alias Pleroma.User
  alias Pleroma.Password.Pbkdf2

  @hashing_module Argon2

  defdelegate hash_pwd_salt, to: @hashing_module

  @spec checkpw(String.t(), String.t()) :: boolean()
  def checkpw(password, "$2" <> _ = password_hash) do
    # Handle bcrypt passwords for Mastodon migration
    Bcrypt.verify_pass(password, password_hash)
  end

  def checkpw(password, "$pbkdf2" <> _ = password_hash) do
    Pbkdf2.verify_pass(password, password_hash)
  end

  def checkpw(password, "$argon2" <> _ = password_hash) do
    Argon2.verify_pass(password, password_hash)
  end

  def checkpw(_password, _password_hash) do
    Logger.error("Password hash not recognized")
    false
  end

  def maybe_update_password(%User{password_hash: "$2" <> _} = user, password) do
    do_update_password(user, password)
  end

  def maybe_update_password(%User{password_hash: "$6" <> _} = user, password) do
    do_update_password(user, password)
  end

  def maybe_update_password(%User{password_hash: "$pbkdf2" <> _} = user, password) do
    do_update_password(user, password)
  end

  def maybe_update_password(user, _), do: {:ok, user}

  defp do_update_password(user, password) do
    User.reset_password(user, %{password: password, password_confirmation: password})
  end
end
Collect password functions in a module 2022-12-30 02:05:16 +00:00			`defmodule Pleroma.Password do`
			`@moduledoc """`
			`This module handles password hashing and verification.`
			`It will delegate to the appropriate module based on the password hash.`
			`It also handles upgrading of password hashes.`
			`"""`

			`alias Pleroma.User`
			`alias Pleroma.Password.Pbkdf2`

			`@hashing_module Argon2`

			`defdelegate hash_pwd_salt, to: @hashing_module`

			`@spec checkpw(String.t(), String.t()) :: boolean()`
			`def checkpw(password, "$2" <> _ = password_hash) do`
			`# Handle bcrypt passwords for Mastodon migration`
			`Bcrypt.verify_pass(password, password_hash)`
			`end`

			`def checkpw(password, "$pbkdf2" <> _ = password_hash) do`
			`Pbkdf2.verify_pass(password, password_hash)`
			`end`

			`def checkpw(password, "$argon2" <> _ = password_hash) do`
			`Argon2.verify_pass(password, password_hash)`
			`end`

			`def checkpw(_password, _password_hash) do`
			`Logger.error("Password hash not recognized")`
			`false`
			`end`

			`def maybe_update_password(%User{password_hash: "$2" <> _} = user, password) do`
			`do_update_password(user, password)`
			`end`

			`def maybe_update_password(%User{password_hash: "$6" <> _} = user, password) do`
			`do_update_password(user, password)`
			`end`

			`def maybe_update_password(%User{password_hash: "$pbkdf2" <> _} = user, password) do`
			`do_update_password(user, password)`
			`end`

			`def maybe_update_password(user, _), do: {:ok, user}`

			`defp do_update_password(user, password) do`
			`User.reset_password(user, %{password: password, password_confirmation: password})`
			`end`
			`end`