github-mirror/grocy
1
0
Fork 0
mirror of https://github.com/grocy/grocy.git synced 2026-03-27 23:29:25 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity

Switched password hashing algorithm

Browse Source
This commit is contained in:
Bernd Bestel 2026-03-22 17:29:38 +01:00
parent 23af6adcee
commit f32d0bb28d
No known key found for this signature in database
GPG Key ID: 71BD34C0D4891300
4 changed files with 7 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
.devtools/data_generation_scripts/9999_reset_admin_password.php
View File

@ -15,5 +15,5 @@ if ($adminUserRow == null)
} }
$adminUserRow->update([ $adminUserRow->update([
'password' => password_hash('admin', PASSWORD_DEFAULT) 'password' => password_hash('admin', PASSWORD_ARGON2ID)
]); ]);

4
middleware/DefaultAuthMiddleware.php
View File

@ -40,10 +40,10 @@ class DefaultAuthMiddleware extends AuthMiddleware
$sessionKey = SessionService::getInstance()->CreateSession($user->id, $stayLoggedInPermanently); $sessionKey = SessionService::getInstance()->CreateSession($user->id, $stayLoggedInPermanently);
self::SetSessionCookie($sessionKey); self::SetSessionCookie($sessionKey);
if (password_needs_rehash($user->password, PASSWORD_DEFAULT)) if (password_needs_rehash($user->password, PASSWORD_ARGON2ID))
{ {
$user->update([ $user->update([
'password' => password_hash($inputPassword, PASSWORD_DEFAULT) 'password' => password_hash($inputPassword, PASSWORD_ARGON2ID)
]); ]);
} }

4
migrations/0027.php
View File

@ -9,7 +9,7 @@ if (defined('GROCY_HTTP_USER'))
// Migrate old user defined in config file to database // Migrate old user defined in config file to database
$newUserRow = $db->users()->createRow([ $newUserRow = $db->users()->createRow([
'username' => GROCY_HTTP_USER, 'username' => GROCY_HTTP_USER,
'password' => password_hash(GROCY_HTTP_PASSWORD, PASSWORD_DEFAULT) 'password' => password_hash(GROCY_HTTP_PASSWORD, PASSWORD_ARGON2ID)
]); ]);
$newUserRow->save(); $newUserRow->save();
} }
@ -18,7 +18,7 @@ else
// Create default user "admin" with password "admin" // Create default user "admin" with password "admin"
$newUserRow = $db->users()->createRow([ $newUserRow = $db->users()->createRow([
'username' => 'admin', 'username' => 'admin',
'password' => password_hash('admin', PASSWORD_DEFAULT) 'password' => password_hash('admin', PASSWORD_ARGON2ID)
]); ]);
$newUserRow->save(); $newUserRow->save();
} }

4
services/UsersService.php
View File

@ -12,7 +12,7 @@ class UsersService extends BaseService
'username' => $username, 'username' => $username,
'first_name' => $firstName, 'first_name' => $firstName,
'last_name' => $lastName, 'last_name' => $lastName,
'password' => password_hash($password, PASSWORD_DEFAULT), 'password' => password_hash($password, PASSWORD_ARGON2ID),
'picture_file_name' => $pictureFileName 'picture_file_name' => $pictureFileName
]); ]);
$newUserRow = $newUserRow->save(); $newUserRow = $newUserRow->save();
@ -61,7 +61,7 @@ class UsersService extends BaseService
'username' => $username, 'username' => $username,
'first_name' => $firstName, 'first_name' => $firstName,
'last_name' => $lastName, 'last_name' => $lastName,
'password' => password_hash($password, PASSWORD_DEFAULT), 'password' => password_hash($password, PASSWORD_ARGON2ID),
'picture_file_name' => $pictureFileName 'picture_file_name' => $pictureFileName
]); ]);
} }