Merge branch 'tests/authentication_plug' into 'develop'
tests for Plugs.AuthenticationPlug See merge request pleroma/pleroma!1450
This commit is contained in:
commit
16cfee708e
|
@ -8,22 +8,19 @@ defmodule Pleroma.Plugs.AuthenticationPlug do
|
|||
alias Pleroma.User
|
||||
require Logger
|
||||
|
||||
def init(options) do
|
||||
options
|
||||
def init(options), do: options
|
||||
|
||||
def checkpw(password, "$6" <> _ = password_hash) do
|
||||
:crypt.crypt(password, password_hash) == password_hash
|
||||
end
|
||||
|
||||
def checkpw(password, password_hash) do
|
||||
cond do
|
||||
String.starts_with?(password_hash, "$pbkdf2") ->
|
||||
Pbkdf2.checkpw(password, password_hash)
|
||||
def checkpw(password, "$pbkdf2" <> _ = password_hash) do
|
||||
Pbkdf2.checkpw(password, password_hash)
|
||||
end
|
||||
|
||||
String.starts_with?(password_hash, "$6") ->
|
||||
:crypt.crypt(password, password_hash) == password_hash
|
||||
|
||||
true ->
|
||||
Logger.error("Password hash not recognized")
|
||||
false
|
||||
end
|
||||
def checkpw(_password, _password_hash) do
|
||||
Logger.error("Password hash not recognized")
|
||||
false
|
||||
end
|
||||
|
||||
def call(%{assigns: %{user: %User{}}} = conn, _), do: conn
|
||||
|
|
|
@ -54,4 +54,29 @@ test "with a wrong password in the credentials, it does nothing", %{conn: conn}
|
|||
|
||||
assert conn == ret_conn
|
||||
end
|
||||
|
||||
describe "checkpw/2" do
|
||||
test "check pbkdf2 hash" do
|
||||
hash =
|
||||
"$pbkdf2-sha512$160000$loXqbp8GYls43F0i6lEfIw$AY.Ep.2pGe57j2hAPY635sI/6w7l9Q9u9Bp02PkPmF3OrClDtJAI8bCiivPr53OKMF7ph6iHhN68Rom5nEfC2A"
|
||||
|
||||
assert AuthenticationPlug.checkpw("test-password", hash)
|
||||
refute AuthenticationPlug.checkpw("test-password1", hash)
|
||||
end
|
||||
|
||||
test "check sha512-crypt hash" do
|
||||
hash =
|
||||
"$6$9psBWV8gxkGOZWBz$PmfCycChoxeJ3GgGzwvhlgacb9mUoZ.KUXNCssekER4SJ7bOK53uXrHNb2e4i8yPFgSKyzaW9CcmrDXWIEMtD1"
|
||||
|
||||
assert AuthenticationPlug.checkpw("password", hash)
|
||||
refute AuthenticationPlug.checkpw("password1", hash)
|
||||
end
|
||||
|
||||
test "it returns false when hash invalid" do
|
||||
hash =
|
||||
"psBWV8gxkGOZWBz$PmfCycChoxeJ3GgGzwvhlgacb9mUoZ.KUXNCssekER4SJ7bOK53uXrHNb2e4i8yPFgSKyzaW9CcmrDXWIEMtD1"
|
||||
|
||||
refute Pleroma.Plugs.AuthenticationPlug.checkpw("password", hash)
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
Loading…
Reference in a new issue