v0.12.1 -- validated, tested, refined, operational plugin (mostly) ready for prod use

2024-06-17 18:44:22 +10:00 · 2024-06-17 18:44:22 +10:00 · 785a12f222
commit 785a12f222
parent 4472e9b0e3
1 changed files with 16 additions and 15 deletions
--- a/plugin.rb
+++ b/plugin.rb
@ -4,7 +4,7 @@

 # name: discourse-md5_authentication
 # about: A plugin to authenticate users with MD5 passwords from legacy systems
-# version: 0.10.1
+# version: 0.12.1
 # authors: saint
 # url: https://gitea.federated.computer/saint/discourse-md5_authentication.git

@ -146,7 +146,7 @@ after_initialize do
            # MD5 matches, so update the user's password to the new one, remove the custom field and ensure user is set to active and approved
            Rails.logger.debug "MD5 matches"

-            # Set password using Discourse's current standards, ensuring correct hashing.
+            # Set password using Discourse's current standards, ensuring correct hashing, with exception check for the same password as that alaedy stored in Discourse
            user.password = password

            # Set other attributes
@ -155,25 +155,28 @@ after_initialize do
            # user.email_confirmed = true
            user.approved_at = Time.now
            user.approved_by_id = 1
+            user.custom_fields['custom_password_md5'] = nil
+            user.save!

-            #
-            # hashed_password = UserAuthenticator.new(nil).password_digest(password)
-            # user.update_columns(
-            #   hashed_password: hashed_password
-            # )
+            # Generate a new token and hash it
+            token = SecureRandom.hex(20)
+            token_hash = EmailToken.hash_token(token)
        
-            # user.custom_fields['custom_password_md5'] = nil
+            # Create a confirmed e-mail token
+            EmailToken.create!(
+              user_id: user.id,
+              email: user.email,
+              token_hash: token_hash,
+              confirmed: true
+            )
+            Rails.logger.debug("Generated token for user #{user.username}: #{token}")

-            # user.active = true
-            # user.approved = true

            # # Initialize UserAuthenticator with user and session
            # authenticator = UserAuthenticator.new(user, session)
-
            # # Generate a salted password hash for the new password
            # hashed_password = authenticator.password_digest(password)
            # Rails.logger.debug "NEW hashed_password  #{hashed_password}"
-
            # # Update the user object with all changes
            # user.assign_attributes(
            #   password_hash: hashed_password,
@ -184,8 +187,6 @@ after_initialize do
            #   custom_fields: { 'custom_password_md5' => nil }
            # )
            
-            # Save the changes
-            user.save!

            # if user.save
            #   Rails.logger.debug "User changes saved:  #{user.username}"