v0.21 - Add support for users who have (re)set real passwords in Discourse via email
This commit is contained in:
parent
54f0c3d78a
commit
872b706e0f
65
plugin.rb
65
plugin.rb
@ -4,7 +4,7 @@
|
|||||||
|
|
||||||
# name: discourse-md5_authentication
|
# name: discourse-md5_authentication
|
||||||
# about: A plugin to authenticate users with MD5 passwords from legacy systems
|
# about: A plugin to authenticate users with MD5 passwords from legacy systems
|
||||||
# version: 0.20
|
# version: 0.21
|
||||||
# authors: saint@federated.computer
|
# authors: saint@federated.computer
|
||||||
# url: https://gitea.federated.computer/saint/discourse-md5_authentication.git
|
# url: https://gitea.federated.computer/saint/discourse-md5_authentication.git
|
||||||
|
|
||||||
@ -48,12 +48,16 @@ after_initialize do
|
|||||||
# Log the presence of custom MD5 hash for debugging
|
# Log the presence of custom MD5 hash for debugging
|
||||||
Rails.logger.warn "MD5 -- Check for MD5 password in custom field"
|
Rails.logger.warn "MD5 -- Check for MD5 password in custom field"
|
||||||
if custom_password_md5.present?
|
if custom_password_md5.present?
|
||||||
Rails.logger.warn "MD5 -- MD5 password is present custom_password_md5: #{custom_password_md5} password: #{password}"
|
|
||||||
|
# SCENARIO 1. : LEGACY MD5 HASH EXISTS
|
||||||
|
Rails.logger.warn "MD5 -- 1. MD5 password is present custom_password_md5: #{custom_password_md5} password: #{password}"
|
||||||
|
|
||||||
# Verify the provided password against the stored MD5 hash
|
# Verify the provided password against the stored MD5 hash
|
||||||
if verify_gossamer_password(password, custom_password_md5)
|
if verify_gossamer_password(password, custom_password_md5)
|
||||||
|
|
||||||
|
# SCENARIO 1.1. : LEGACY MD5 HAS EXISTS AND MATCHES
|
||||||
# If MD5 hash matches, update the user's password and other attributes
|
# If MD5 hash matches, update the user's password and other attributes
|
||||||
Rails.logger.warn "MD5 -- MD5 matches"
|
Rails.logger.warn "MD5 -- 1.1. MD5 matches"
|
||||||
|
|
||||||
# Set the user's password to the provided one and update other attributes
|
# Set the user's password to the provided one and update other attributes
|
||||||
user.password = password
|
user.password = password
|
||||||
@ -79,19 +83,58 @@ after_initialize do
|
|||||||
Rails.logger.warn("MD5 -- Generated token for user #{user.username}: #{token}")
|
Rails.logger.warn("MD5 -- Generated token for user #{user.username}: #{token}")
|
||||||
|
|
||||||
Rails.logger.warn "MD5 -- Updated user: #{user.id}"
|
Rails.logger.warn "MD5 -- Updated user: #{user.id}"
|
||||||
|
|
||||||
else
|
else
|
||||||
# If MD5 hash does not match, log the failed login attempt
|
# SCENARIO 1.2. : LEGACY MD5 HASH EXISTS BUT DOES NOT MATCH
|
||||||
Rails.logger.warn "MD5 -- MD5 Password (hash) incorrect for user: #{user.id}"
|
|
||||||
|
# Log the failed login attempt
|
||||||
|
Rails.logger.warn "MD5 -- 1.2. MD5 Password (hash) exists but fails / incorrect for user: #{user.id}"
|
||||||
|
|
||||||
|
if user.confirm_password?(password)
|
||||||
|
# SCENARIO 1.2.1 : LEGACY MD5 HASH EXISTS BUT DOES NOT MATCH, BUT REAL PASSWORD WORKS -- NEW SUPPORT in v0.21
|
||||||
|
|
||||||
|
Rails.logger.warn "MD5 -- 1.2.1. Real Password Works for username: #{user.username} user: #{user.id}"
|
||||||
|
|
||||||
|
# Update other attributes (other than password which is already correct)
|
||||||
|
user.active = true
|
||||||
|
user.approved = true
|
||||||
|
user.approved_at = Time.now
|
||||||
|
user.approved_by_id = 1
|
||||||
|
user.custom_fields['md5_password'] = nil # Clear the custom MD5 field
|
||||||
|
user.save!
|
||||||
|
Rails.logger.warn "MD5 -- DD -- user.present, cleared legacy MD5 field!"
|
||||||
|
|
||||||
|
# Generate a new token and hash it
|
||||||
|
token = SecureRandom.hex(20)
|
||||||
|
token_hash = EmailToken.hash_token(token)
|
||||||
|
|
||||||
|
# Create a confirmed email token for the user
|
||||||
|
EmailToken.create!(
|
||||||
|
user_id: user.id,
|
||||||
|
email: user.email,
|
||||||
|
token_hash: token_hash,
|
||||||
|
confirmed: true
|
||||||
|
)
|
||||||
|
Rails.logger.warn("MD5 -- Generated token for user #{user.username}: #{token}")
|
||||||
|
|
||||||
|
Rails.logger.warn "MD5 -- Updated user: #{user.id}"
|
||||||
|
|
||||||
|
else
|
||||||
|
# SCENARIO 1.2.2 : LEGACY MD5 HASH EXISTS BUT DOES NOT MATCH, AND REAL PASSWORD DOES NOT MATCH OR IS NOT PRESENT
|
||||||
|
Rails.logger.warn("MD5 -- 1.2.2. -- MD5 Password (hash) incorrect and no matching real password for username: #{user.username} user: #{user.id}")
|
||||||
|
invalid_credentials
|
||||||
|
return
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
elsif !user.confirm_password?(password)
|
||||||
|
# SCENARIO 2. : NO lEGACY MD5 HASH EXISTS AND REAL PASSWORD DOES NOT MATCH OR IS NOT PRESENT
|
||||||
|
# If no MD5 hash is present and the provided password is incorrect
|
||||||
|
Rails.logger.warn "MD5 -- 2. Password incorrect for user: #{user.id}"
|
||||||
invalid_credentials
|
invalid_credentials
|
||||||
return
|
return
|
||||||
end
|
end
|
||||||
|
|
||||||
elsif !user.confirm_password?(password)
|
|
||||||
# If no MD5 hash is present and the provided password is incorrect
|
|
||||||
Rails.logger.warn "MD5 -- Password incorrect for user: #{user.id}"
|
|
||||||
invalid_credentials
|
|
||||||
return
|
|
||||||
end
|
|
||||||
|
|
||||||
# If the site requires user approval and the user is not yet approved
|
# If the site requires user approval and the user is not yet approved
|
||||||
if login_not_approved_for?(user)
|
if login_not_approved_for?(user)
|
||||||
|
Loading…
Reference in New Issue
Block a user