Home Explore Help
Sign In
SMusatov
/
zammad
mirror of https://github.com/zammad/zammad.git
1
0
Fork 0
Files
Branch: stable-1.3
Branches Tags
zammad
/
lib
/
password_hash.rb

password_hash.rb 1.0 KB
Permalink History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748 
  1. # Copyright (C) 2012-2016 Zammad Foundation, http://zammad-foundation.org/
    2. 

  2. 

  3. module PasswordHash
    4. 

  4.   include ApplicationLib
    5. 

  5. 

  6.   # rubocop:disable Style/ModuleFunction
    7. 

  7.   extend self
    8. 

  8. 

  9.   def crypt(password)
    10. 

  10.     argon2.create(password)
    11. 

  11.   end
    12. 

  12. 

  13.   def verified?(pw_hash, password)
    14. 

  14.     Argon2::Password.verify_password(password, pw_hash, secret)
    15. 

  15.   rescue
    16. 

  16.     false
    17. 

  17.   end
    18. 

  18. 

  19.   def crypted?(pw_hash)
    20. 

  20.     return if !pw_hash
    21. 

  21.     # taken from: https://github.com/technion/ruby-argon2/blob/7e1f4a2634316e370ab84150e4f5fd91d9263713/lib/argon2.rb#L33
    22. 

  22.     return if pw_hash !~ /^\$argon2i\$.{,112}/
    23. 

  23.     true
    24. 

  24.   end
    25. 

  25. 

  26.   def legacy?(pw_hash, password)
    27. 

  27.     return if pw_hash.blank?
    28. 

  28.     return if !password
    29. 

  29.     legacy_sha2?(pw_hash, password)
    30. 

  30.   end
    31. 

  31. 

  32.   private
    33. 

  33. 

  34.   def legacy_sha2?(pw_hash, password)
    35. 

  35.     return if !pw_hash.start_with?('{sha2}')
    36. 

  36.     crypted = Digest::SHA2.hexdigest(password)
    37. 

  37.     pw_hash == "{sha2}#{crypted}"
    38. 

  38.   end
    39. 

  39. 

  40.   def argon2
    41. 

  41.     return @argon2 if @argon2
    42. 

  42.     @argon2 = Argon2::Password.new(secret: secret)
    43. 

  43.   end
    44. 

  44. 

  45.   def secret
    46. 

  46.     Setting.get('application_secret')
    47. 

  47.   end
    48. 

  48. end
    49.