Penpot/penpot
0
Fork 0
mirror of https://github.com/penpot/penpot.git synced 2025-01-21 22:22:43 -05:00
Code Issues Activity

🐛 Fix repeated password update on login

Browse source 
because the default options were not being passed in the verification
This commit is contained in:
Andrey Antukh 2025-01-14 17:41:28 +01:00 committed by Alonso Torres
parent e92ddee33a
commit 5c428b5aa5
1 changed files with 3 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
backend/src/app/auth.clj
View file

@ -8,7 +8,7 @@
(:require (:require
[buddy.hashers :as hashers])) [buddy.hashers :as hashers]))
(def default-params (def ^:private default-options
{:alg :argon2id {:alg :argon2id
:memory 32768 ;; 32 MiB :memory 32768 ;; 32 MiB
:iterations 3 :iterations 3
@ -16,12 +16,12 @@
(defn derive-password (defn derive-password
[password] [password]
(hashers/derive password default-params)) (hashers/derive password default-options))
(defn verify-password (defn verify-password
[attempt password] [attempt password]
(try (try
(hashers/verify attempt password) (hashers/verify attempt password default-options)
(catch Throwable _ (catch Throwable _
{:update false {:update false
:valid false}))) :valid false})))