mirror of
https://codeberg.org/forgejo/forgejo.git
synced 2025-01-08 15:40:31 -05:00
Merge remote-tracking branch 'forgejo/v1.18/forgejo-development' into v1.18/forgejo
This commit is contained in:
commit
68f009f329
8 changed files with 19 additions and 7 deletions
|
@ -439,8 +439,8 @@ INTERNAL_TOKEN=
|
||||||
;;Classes include "lower,upper,digit,spec"
|
;;Classes include "lower,upper,digit,spec"
|
||||||
;PASSWORD_COMPLEXITY = off
|
;PASSWORD_COMPLEXITY = off
|
||||||
;;
|
;;
|
||||||
;; Password Hash algorithm, either "argon2", "pbkdf2", "scrypt" or "bcrypt"
|
;; Password Hash algorithm, either "argon2", "pbkdf2"/"pbkdf2_v2", "pbkdf2_hi", "scrypt" or "bcrypt"
|
||||||
;PASSWORD_HASH_ALGO = pbkdf2
|
;PASSWORD_HASH_ALGO = pbkdf2_hi
|
||||||
;;
|
;;
|
||||||
;; Set false to allow JavaScript to read CSRF cookie
|
;; Set false to allow JavaScript to read CSRF cookie
|
||||||
;CSRF_COOKIE_HTTP_ONLY = true
|
;CSRF_COOKIE_HTTP_ONLY = true
|
||||||
|
|
|
@ -3,7 +3,14 @@
|
||||||
|
|
||||||
package hash
|
package hash
|
||||||
|
|
||||||
const DefaultHashAlgorithmName = "pbkdf2"
|
// DefaultHashAlgorithmName represents the default value of PASSWORD_HASH_ALGO
|
||||||
|
// configured in app.ini.
|
||||||
|
//
|
||||||
|
// It is NOT the same and does NOT map to the defaultEmptyHashAlgorithmSpecification.
|
||||||
|
//
|
||||||
|
// It will be dealiased as per aliasAlgorithmNames whereas
|
||||||
|
// defaultEmptyHashAlgorithmSpecification does not undergo dealiasing.
|
||||||
|
const DefaultHashAlgorithmName = "pbkdf2_hi"
|
||||||
|
|
||||||
var DefaultHashAlgorithm *PasswordHashAlgorithm
|
var DefaultHashAlgorithm *PasswordHashAlgorithm
|
||||||
|
|
||||||
|
|
|
@ -28,11 +28,11 @@ func TestCheckSettingPasswordHashAlgorithm(t *testing.T) {
|
||||||
})
|
})
|
||||||
}
|
}
|
||||||
|
|
||||||
t.Run("pbkdf2_v2 is the default when default password hash algorithm is empty", func(t *testing.T) {
|
t.Run("pbkdf2_hi is the default when default password hash algorithm is empty", func(t *testing.T) {
|
||||||
emptyConfig, emptyAlgo := SetDefaultPasswordHashAlgorithm("")
|
emptyConfig, emptyAlgo := SetDefaultPasswordHashAlgorithm("")
|
||||||
pbkdf2v2Config, pbkdf2v2Algo := SetDefaultPasswordHashAlgorithm("pbkdf2_v2")
|
pbkdf2hiConfig, pbkdf2hiAlgo := SetDefaultPasswordHashAlgorithm("pbkdf2_hi")
|
||||||
|
|
||||||
assert.Equal(t, pbkdf2v2Config, emptyConfig)
|
assert.Equal(t, pbkdf2hiConfig, emptyConfig)
|
||||||
assert.Equal(t, pbkdf2v2Algo.Name, emptyAlgo.Name)
|
assert.Equal(t, pbkdf2hiAlgo.Name, emptyAlgo.Name)
|
||||||
})
|
})
|
||||||
}
|
}
|
||||||
|
|
|
@ -98,6 +98,7 @@ COLORIZE = true
|
||||||
LEVEL = Debug
|
LEVEL = Debug
|
||||||
|
|
||||||
[security]
|
[security]
|
||||||
|
PASSWORD_HASH_ALGO = argon2
|
||||||
DISABLE_GIT_HOOKS = false
|
DISABLE_GIT_HOOKS = false
|
||||||
INSTALL_LOCK = true
|
INSTALL_LOCK = true
|
||||||
SECRET_KEY = 9pCviYTWSb
|
SECRET_KEY = 9pCviYTWSb
|
||||||
|
|
|
@ -117,6 +117,7 @@ COLORIZE = true
|
||||||
LEVEL = Debug
|
LEVEL = Debug
|
||||||
|
|
||||||
[security]
|
[security]
|
||||||
|
PASSWORD_HASH_ALGO = argon2
|
||||||
DISABLE_GIT_HOOKS = false
|
DISABLE_GIT_HOOKS = false
|
||||||
INSTALL_LOCK = true
|
INSTALL_LOCK = true
|
||||||
SECRET_KEY = 9pCviYTWSb
|
SECRET_KEY = 9pCviYTWSb
|
||||||
|
|
|
@ -95,6 +95,7 @@ COLORIZE = true
|
||||||
LEVEL = Debug
|
LEVEL = Debug
|
||||||
|
|
||||||
[security]
|
[security]
|
||||||
|
PASSWORD_HASH_ALGO = argon2
|
||||||
DISABLE_GIT_HOOKS = false
|
DISABLE_GIT_HOOKS = false
|
||||||
INSTALL_LOCK = true
|
INSTALL_LOCK = true
|
||||||
SECRET_KEY = 9pCviYTWSb
|
SECRET_KEY = 9pCviYTWSb
|
||||||
|
|
|
@ -99,6 +99,7 @@ COLORIZE = true
|
||||||
LEVEL = Debug
|
LEVEL = Debug
|
||||||
|
|
||||||
[security]
|
[security]
|
||||||
|
PASSWORD_HASH_ALGO = argon2
|
||||||
DISABLE_GIT_HOOKS = false
|
DISABLE_GIT_HOOKS = false
|
||||||
INSTALL_LOCK = true
|
INSTALL_LOCK = true
|
||||||
SECRET_KEY = 9pCviYTWSb
|
SECRET_KEY = 9pCviYTWSb
|
||||||
|
|
|
@ -94,6 +94,7 @@ COLORIZE = true
|
||||||
LEVEL = Debug
|
LEVEL = Debug
|
||||||
|
|
||||||
[security]
|
[security]
|
||||||
|
PASSWORD_HASH_ALGO = argon2
|
||||||
DISABLE_GIT_HOOKS = false
|
DISABLE_GIT_HOOKS = false
|
||||||
INSTALL_LOCK = true
|
INSTALL_LOCK = true
|
||||||
SECRET_KEY = 9pCviYTWSb
|
SECRET_KEY = 9pCviYTWSb
|
||||||
|
|
Loading…
Reference in a new issue