From 785a12f222d1f502390ba8e4d6fb3950783e8c0c Mon Sep 17 00:00:00 2001 From: dsainty Date: Mon, 17 Jun 2024 18:44:22 +1000 Subject: [PATCH] v0.12.1 -- validated, tested, refined, operational plugin (mostly) ready for prod use --- plugin.rb | 31 ++++++++++++++++--------------- 1 file changed, 16 insertions(+), 15 deletions(-) diff --git a/plugin.rb b/plugin.rb index e99080c..46e09ee 100644 --- a/plugin.rb +++ b/plugin.rb @@ -4,7 +4,7 @@ # name: discourse-md5_authentication # about: A plugin to authenticate users with MD5 passwords from legacy systems -# version: 0.10.1 +# version: 0.12.1 # authors: saint # url: https://gitea.federated.computer/saint/discourse-md5_authentication.git @@ -146,7 +146,7 @@ after_initialize do # MD5 matches, so update the user's password to the new one, remove the custom field and ensure user is set to active and approved Rails.logger.debug "MD5 matches" - # Set password using Discourse's current standards, ensuring correct hashing. + # Set password using Discourse's current standards, ensuring correct hashing, with exception check for the same password as that alaedy stored in Discourse user.password = password # Set other attributes @@ -155,25 +155,28 @@ after_initialize do # user.email_confirmed = true user.approved_at = Time.now user.approved_by_id = 1 + user.custom_fields['custom_password_md5'] = nil + user.save! - # - # hashed_password = UserAuthenticator.new(nil).password_digest(password) - # user.update_columns( - # hashed_password: hashed_password - # ) + # Generate a new token and hash it + token = SecureRandom.hex(20) + token_hash = EmailToken.hash_token(token) + + # Create a confirmed e-mail token + EmailToken.create!( + user_id: user.id, + email: user.email, + token_hash: token_hash, + confirmed: true + ) + Rails.logger.debug("Generated token for user #{user.username}: #{token}") - # user.custom_fields['custom_password_md5'] = nil - - # user.active = true - # user.approved = true # # Initialize UserAuthenticator with user and session # authenticator = UserAuthenticator.new(user, session) - # # Generate a salted password hash for the new password # hashed_password = authenticator.password_digest(password) # Rails.logger.debug "NEW hashed_password #{hashed_password}" - # # Update the user object with all changes # user.assign_attributes( # password_hash: hashed_password, @@ -184,8 +187,6 @@ after_initialize do # custom_fields: { 'custom_password_md5' => nil } # ) - # Save the changes - user.save! # if user.save # Rails.logger.debug "User changes saved: #{user.username}"