Merge branch 'tests/authentication_plug' into 'develop'
tests for Plugs.AuthenticationPlug See merge request pleroma/pleroma!1450
This commit is contained in:
commit
16cfee708e
2 changed files with 35 additions and 13 deletions
|
@ -8,23 +8,20 @@ defmodule Pleroma.Plugs.AuthenticationPlug do
|
||||||
alias Pleroma.User
|
alias Pleroma.User
|
||||||
require Logger
|
require Logger
|
||||||
|
|
||||||
def init(options) do
|
def init(options), do: options
|
||||||
options
|
|
||||||
|
def checkpw(password, "$6" <> _ = password_hash) do
|
||||||
|
:crypt.crypt(password, password_hash) == password_hash
|
||||||
end
|
end
|
||||||
|
|
||||||
def checkpw(password, password_hash) do
|
def checkpw(password, "$pbkdf2" <> _ = password_hash) do
|
||||||
cond do
|
|
||||||
String.starts_with?(password_hash, "$pbkdf2") ->
|
|
||||||
Pbkdf2.checkpw(password, password_hash)
|
Pbkdf2.checkpw(password, password_hash)
|
||||||
|
end
|
||||||
|
|
||||||
String.starts_with?(password_hash, "$6") ->
|
def checkpw(_password, _password_hash) do
|
||||||
:crypt.crypt(password, password_hash) == password_hash
|
|
||||||
|
|
||||||
true ->
|
|
||||||
Logger.error("Password hash not recognized")
|
Logger.error("Password hash not recognized")
|
||||||
false
|
false
|
||||||
end
|
end
|
||||||
end
|
|
||||||
|
|
||||||
def call(%{assigns: %{user: %User{}}} = conn, _), do: conn
|
def call(%{assigns: %{user: %User{}}} = conn, _), do: conn
|
||||||
|
|
||||||
|
|
|
@ -54,4 +54,29 @@ test "with a wrong password in the credentials, it does nothing", %{conn: conn}
|
||||||
|
|
||||||
assert conn == ret_conn
|
assert conn == ret_conn
|
||||||
end
|
end
|
||||||
|
|
||||||
|
describe "checkpw/2" do
|
||||||
|
test "check pbkdf2 hash" do
|
||||||
|
hash =
|
||||||
|
"$pbkdf2-sha512$160000$loXqbp8GYls43F0i6lEfIw$AY.Ep.2pGe57j2hAPY635sI/6w7l9Q9u9Bp02PkPmF3OrClDtJAI8bCiivPr53OKMF7ph6iHhN68Rom5nEfC2A"
|
||||||
|
|
||||||
|
assert AuthenticationPlug.checkpw("test-password", hash)
|
||||||
|
refute AuthenticationPlug.checkpw("test-password1", hash)
|
||||||
|
end
|
||||||
|
|
||||||
|
test "check sha512-crypt hash" do
|
||||||
|
hash =
|
||||||
|
"$6$9psBWV8gxkGOZWBz$PmfCycChoxeJ3GgGzwvhlgacb9mUoZ.KUXNCssekER4SJ7bOK53uXrHNb2e4i8yPFgSKyzaW9CcmrDXWIEMtD1"
|
||||||
|
|
||||||
|
assert AuthenticationPlug.checkpw("password", hash)
|
||||||
|
refute AuthenticationPlug.checkpw("password1", hash)
|
||||||
|
end
|
||||||
|
|
||||||
|
test "it returns false when hash invalid" do
|
||||||
|
hash =
|
||||||
|
"psBWV8gxkGOZWBz$PmfCycChoxeJ3GgGzwvhlgacb9mUoZ.KUXNCssekER4SJ7bOK53uXrHNb2e4i8yPFgSKyzaW9CcmrDXWIEMtD1"
|
||||||
|
|
||||||
|
refute Pleroma.Plugs.AuthenticationPlug.checkpw("password", hash)
|
||||||
|
end
|
||||||
|
end
|
||||||
end
|
end
|
||||||
|
|
Loading…
Reference in a new issue