saint/discourse-md5_authentication
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

v0.16 Further fixups to work with Bitnami Discourse 3.2.5

Browse Source
This commit is contained in:
David Sainty 2024-08-28 21:48:07 +10:00
parent 9edabc2a3a
commit 7226bf0b9a
2 changed files with 173 additions and 165 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

BIN
.plugin.rb.bck.swp Normal file
View File

Binary file not shown.

34
plugin.rb
View File

@ -4,7 +4,7 @@
# name: discourse-md5_authentication # name: discourse-md5_authentication
# about: A plugin to authenticate users with MD5 passwords from legacy systems # about: A plugin to authenticate users with MD5 passwords from legacy systems
# version: 0.14 # version: 0.16
# authors: saint@federated.computer # authors: saint@federated.computer
# url: https://gitea.federated.computer/saint/discourse-md5_authentication.git # url: https://gitea.federated.computer/saint/discourse-md5_authentication.git
@ -13,9 +13,12 @@
# enabled_site_setting :legacymd5password_auth_enabled # enabled_site_setting :legacymd5password_auth_enabled
after_initialize do after_initialize do
# Extend the SessionController class to include our custom authentication logic # Define a module to hold the legacy MD5 authentication logic
class ::SessionController module LegacyMd5Authentication
prepend Module.new {
# Constants
ITOA64 = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"
# Override the create method to add our custom authentication checks # Override the create method to add our custom authentication checks
def create def create
Rails.logger.warn "MD5 -- AA -- start create" Rails.logger.warn "MD5 -- AA -- start create"
@ -126,13 +129,10 @@ after_initialize do
not_activated(user) not_activated(user)
end end
end end
}
end
end
# Helper methods to handle MD5 password verification # Helper methods to handle MD5 password verification
def to64(value, length) def to64(value, length)
# Convert a value to a base64-like representation # Convert a value to a base64-like representation
result = String.new result = String.new
length.times do length.times do
@ -141,9 +141,9 @@ def to64(value, length)
Rails.logger.warn "to64 result: #{result}" Rails.logger.warn "to64 result: #{result}"
end end
result result
end end
def gossamer_md5_crypt(password, legacy_hash) def gossamer_md5_crypt(password, legacy_hash)
# Extract the salt from the legacy hash # Extract the salt from the legacy hash
parts = legacy_hash.split('$') parts = legacy_hash.split('$')
salt = parts[2] salt = parts[2]
@ -203,10 +203,18 @@ def gossamer_md5_crypt(password, legacy_hash)
Rails.logger.warn "magic salt result #{magic}#{salt}$#{result}" Rails.logger.warn "magic salt result #{magic}#{salt}$#{result}"
"#{magic}#{salt}$#{result}" "#{magic}#{salt}$#{result}"
end end
def verify_gossamer_password(password, legacy_hash) def verify_gossamer_password(password, legacy_hash)
# Verify the provided password against the stored MD5 hash # Verify the provided password against the stored MD5 hash
generated_hash = gossamer_md5_crypt(password, legacy_hash) generated_hash = gossamer_md5_crypt(password, legacy_hash)
generated_hash == legacy_hash generated_hash == legacy_hash
end
end
# Extend the SessionController class to include the LegacyMd5Authentication module
class ::SessionController
prepend LegacyMd5Authentication
end
end end