From 50923c848ec172a3daefc1d755bd8a0b2ad4ea6e Mon Sep 17 00:00:00 2001 From: Oleg Volchkov Date: Thu, 24 Apr 2025 10:10:49 +0300 Subject: [PATCH] =?UTF-8?q?=D0=94=D0=BE=D0=B1=D0=B0=D0=B2=D0=B8=D0=BB=20?= =?UTF-8?q?=D0=BE=D0=BF=D1=86=D0=B8=D0=BE=D0=BD=D0=B0=D0=BB=D1=8C=D0=BD?= =?UTF-8?q?=D1=8B=D0=B9=20trim=20=D0=B4=D0=BB=D1=8F=20=D0=BF=D0=B0=D1=80?= =?UTF-8?q?=D0=BE=D0=BB=D0=B5=D0=B9=20=D0=B2=20lib/web/auth.p@pfUsersModel?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- lib/web/auth.p | 7 ++++++ ut/web/controllers/auth_password_hash_test.p | 25 +++++++++++++++++--- 2 files changed, 29 insertions(+), 3 deletions(-) diff --git a/lib/web/auth.p b/lib/web/auth.p index 6318087..dba9b67 100644 --- a/lib/web/auth.p +++ b/lib/web/auth.p @@ -331,11 +331,13 @@ pfModelTable ## aOptions.rolesToUsersTableName ## aOptions.rolesToUsersModel[pfRolesToUsersModel[$.tableName[$aOptions.rolesToUsersTableName]]] ## aOptions.passwordHashType[apr1;yescrypt;gost-yescrypt] +## aOptions.trimPassword(false) — обрезать концевые проблеы у паролей ^BASE:create[^hash::create[$aOptions] $.tableName[^ifdef[$aOptions.tableName]{auth_users}] ] $self.passwordHashType[^ifdef[$aOptions.passwordHashType]{apr1}] + $self._trimPassword(^aOptions.trimPassword.bool(false)) $self._cryptoProvider[$aOptions.cryptoProvider] ^self.assert(def $self._cryptoProvider){Не передан объект с криптопровайдером.} @@ -419,6 +421,11 @@ pfModelTable ^case[gost-yescrypt]{^$gy^$j9T^$^self.makeSalt(16)} }] } + + ^if($self._trimPassword){ + $aPassword[^aPassword.trim[both]] + } + $result[^math:crypt[$aPassword;$aSalt]] @makeSalt[aLen] diff --git a/ut/web/controllers/auth_password_hash_test.p b/ut/web/controllers/auth_password_hash_test.p index cfd88d3..f2764f2 100644 --- a/ut/web/controllers/auth_password_hash_test.p +++ b/ut/web/controllers/auth_password_hash_test.p @@ -12,11 +12,11 @@ locals pfTestCase @setUp[] - $lSQL[^pfSQLConnection::create[postgresql://]] + $self.sql[^pfSQLConnection::create[postgresql://]] $self.sut[^pfUsersModel::create[ - $.sql[$lSQL] + $.sql[$self.sql] $.cryptoProvider[^pfSQLSecurityCrypt::create[ - $.sql[$lSQL] + $.sql[$self.sql] $.secretKey[secret1] ]] ]] @@ -48,3 +48,22 @@ pfTestCase $lHashed[^self.sut.makePasswordHash[$lPassword]] ^self.assertRegexpMatch[^^\^$gy\^$j9T\^$\S{16}\^$\S{32,}^$;$lHashed] ^self.assertEq[$lHashed;^self.sut.makePasswordHash[$lPassword;$lHashed]] + +@testDisabledTrimPassword[] + $lPassword[ password_1 ^#0A] + $lSalt[^$apr1^$12345678^$] + ^self.assertNe[^self.sut.makePasswordHash[$lPassword;$lSalt];^self.sut.makePasswordHash[^lPassword.trim[];$lSalt]] + +@testTrimPassword[] + $self.sut[^pfUsersModel::create[ + $.sql[$self.sql] + $.cryptoProvider[^pfSQLSecurityCrypt::create[ + $.sql[$self.sql] + $.secretKey[secret1] + ]] + $.trimPassword(true) + ]] + + $lPassword[ password_1 ^#0A] + $lSalt[^$apr1^$12345678^$] + ^self.assertEq[^self.sut.makePasswordHash[$lPassword;$lSalt];^self.sut.makePasswordHash[^lPassword.trim[];$lSalt]]