IT4Change/gradido
3
0
Fork 0
mirror of https://github.com/IT4Change/gradido.git synced 2025-12-13 07:45:54 +00:00
Code Issues Packages Projects Releases Wiki Activity

replace double call of password hashing for old user model with new function, copy values from new user

Browse Source
This commit is contained in:
Dario 2020-07-14 20:13:46 +02:00
parent 42c6c5c82e
commit c37eff474a
3 changed files with 25 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
src/cpp/model/Session.cpp
View File

@ -415,7 +415,6 @@ bool Session::ifUserExist(const std::string& email)
int Session::updateEmailVerification(Poco::UInt64 emailVerificationCode) int Session::updateEmailVerification(Poco::UInt64 emailVerificationCode)
{ {
const static char* funcName = "Session::updateEmailVerification"; const static char* funcName = "Session::updateEmailVerification";
Poco::ScopedLock<Poco::Mutex> _lock(mWorkMutex); Poco::ScopedLock<Poco::Mutex> _lock(mWorkMutex);
// new mutex, will replace the Poco Mutex complete in the future // new mutex, will replace the Poco Mutex complete in the future
std::unique_lock<std::shared_mutex> _lock_shared(mSharedMutex); std::unique_lock<std::shared_mutex> _lock_shared(mSharedMutex);
@ -796,10 +795,12 @@ UserStates Session::loadUser(const std::string& email, const std::string& passwo
} }
} }
// can be removed if session user isn't used any more // can be removed if session user isn't used any more
if (mNewUser->getModel()->getPasswordHashed() && !mSessionUser->validatePwd(password, this)) { // don't calculate password two times anymore
mSessionUser->login(mNewUser);
/*if (mNewUser->getModel()->getPasswordHashed() && !mSessionUser->validatePwd(password, this)) {
unlock(); unlock();
return USER_PASSWORD_INCORRECT; return USER_PASSWORD_INCORRECT;
} }*/
} }
else { else {
User::fakeCreateCryptoKey(); User::fakeCreateCryptoKey();

19
src/cpp/model/User.cpp
View File

@ -773,6 +773,25 @@ bool User::validatePwd(const std::string& pwd, ErrorList* validationErrorsToPrin
return false; return false;
} }
void User::login(Poco::AutoPtr<controller::User> newUser)
{
assert(!newUser.isNull());
assert(newUser->getModel());
lock("User::validatePwd");
mPasswordHashed = newUser->getModel()->getPasswordHashed();
auto mm = MemoryManager::getInstance();
if (mCryptoKey) {
mm->releaseMemory(mCryptoKey);
mCryptoKey = nullptr;
}
auto keyPair = newUser->getGradidoKeyPair();
if (keyPair) {
mCryptoKey = keyPair->getCryptedPrivKey(newUser->getPassword());
}
unlock();
}
bool User::validateIdentHash(HASH hash) bool User::validateIdentHash(HASH hash)
{ {
lock("User::validateIdentHash"); lock("User::validateIdentHash");

2
src/cpp/model/User.h
View File

@ -77,6 +77,8 @@ public:
~User(); ~User();
void login(Poco::AutoPtr<controller::User> newUser);
static std::string generateNewPassphrase(Mnemonic* word_source); static std::string generateNewPassphrase(Mnemonic* word_source);
static bool validatePassphrase(const std::string& passphrase, Mnemonic** wordSource = nullptr); static bool validatePassphrase(const std::string& passphrase, Mnemonic** wordSource = nullptr);
static const char* userStateToString(UserStates state); static const char* userStateToString(UserStates state);