From a88124cfce29e187d5b44049c82a95b95aedcfaa Mon Sep 17 00:00:00 2001 From: kolaente Date: Sun, 13 Oct 2024 15:38:04 +0200 Subject: [PATCH] feat: make used bcrypt rounds configurable This allows to configure the used bcrypt rounds and set it to 4 in tests, greatly speeding up the tests. It's not really required to set this to another value but it might be in the future as computers get faster. --- config-raw.json | 5 +++ pkg/config/config.go | 2 ++ pkg/db/fixtures/link_shares.yml | 2 +- pkg/db/fixtures/users.yml | 32 +++++++++---------- pkg/integrations/integrations.go | 2 +- pkg/integrations/link_sharing_auth_test.go | 2 +- pkg/integrations/login_test.go | 6 ++-- pkg/integrations/user_change_password_test.go | 6 ++-- pkg/integrations/user_password_reset_test.go | 4 +-- pkg/models/label_task_test.go | 2 +- pkg/models/label_test.go | 8 ++--- pkg/models/project_users_test.go | 4 +-- pkg/models/task_collection_test.go | 6 ++-- pkg/models/user_project_test.go | 26 +++++++-------- pkg/user/test.go | 3 ++ pkg/user/user_create.go | 2 +- pkg/user/user_test.go | 16 +++++----- 17 files changed, 69 insertions(+), 59 deletions(-) diff --git a/config-raw.json b/config-raw.json index 9f00d441b..4c874d296 100644 --- a/config-raw.json +++ b/config-raw.json @@ -127,6 +127,11 @@ "key": "enablepublicteams", "default_value": "false", "comment": "Enables the public team feature. If enabled, it is possible to configure teams to be public, which makes them\ndiscoverable when sharing a project, therefore not only showing teams the user is member of." + }, + { + "key": "bcryptrounds", + "default_value": "11", + "comment": "The number of bcrypt rounds to use during registration. Each increment of this number doubles the computational cost. You probably don't need to change this value." } ] }, diff --git a/pkg/config/config.go b/pkg/config/config.go index f361e8fd5..9eef87189 100644 --- a/pkg/config/config.go +++ b/pkg/config/config.go 
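Review bot: The new `bcryptrounds` comment in config-raw.json describes the value as used "during registration" and gives no accepted range, so an operator cannot tell which values are safe. The key is read in `HashPassword` (pkg/user/user_create.go hunk), which looks like the general hashing helper, so it presumably also applies to password changes and resets; worth confirming and rewording. Assuming the library is golang.org/x/crypto/bcrypt, valid costs are 4 to 31 and anything below 4 is silently replaced by the library default of 10. Suggested text: `The bcrypt cost used when hashing passwords. Must be between 4 and 31; each increment doubles the computational cost. Lowering it below the default weakens stored password hashes.`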
@@ -65,6 +65,7 @@ const ( ServiceAllowIconChanges Key = `service.allowiconchanges` ServiceCustomLogoURL Key = `service.customlogourl` ServiceEnablePublicTeams Key = `service.enablepublicteams` + ServiceBcryptRounds Key = `service.bcryptrounds` SentryEnabled Key = `sentry.enabled` SentryDsn Key = `sentry.dsn` @@ -318,6 +319,7 @@ func InitDefaultConfig() { ServiceDemoMode.setDefault(false) ServiceAllowIconChanges.setDefault(true) ServiceEnablePublicTeams.setDefault(false) + ServiceBcryptRounds.setDefault(11) // Sentry SentryDsn.setDefault("https://440eedc957d545a795c17bbaf477497c@o1047380.ingest.sentry.io/4504254983634944") diff --git a/pkg/db/fixtures/link_shares.yml b/pkg/db/fixtures/link_shares.yml index 90f33ca35..ed48152c3 100644 --- a/pkg/db/fixtures/link_shares.yml +++ b/pkg/db/fixtures/link_shares.yml @@ -26,7 +26,7 @@ hash: testWithPassword project_id: 1 right: 0 - password: '$2a$14$dcadBoMBL9jQoOcZK8Fju.cy0Ptx2oZECkKLnaa8ekRoTFe1w7To.' # 1234 + password: '$2a$04$X4aRMEt0ytgPwMIgv36cI..7X9.nhY/.tYwxpqSi0ykRHx2CwQ0S6' # 12345678 sharing_type: 2 shared_by_id: 1 created: 2018-12-01 15:13:12 diff --git a/pkg/db/fixtures/users.yml b/pkg/db/fixtures/users.yml index f430c700f..5399b48d8 100644 --- a/pkg/db/fixtures/users.yml +++ b/pkg/db/fixtures/users.yml @@ -1,7 +1,7 @@ - id: 1 username: 'user1' - password: '$2a$14$dcadBoMBL9jQoOcZK8Fju.cy0Ptx2oZECkKLnaa8ekRoTFe1w7To.' # 1234 + password: '$2a$04$X4aRMEt0ytgPwMIgv36cI..7X9.nhY/.tYwxpqSi0ykRHx2CwQ0S6' # 12345678 email: 'user1@example.com' issuer: local updated: 2018-12-02 15:13:12 @@ -9,7 +9,7 @@ - id: 2 username: 'user2' - password: '$2a$14$dcadBoMBL9jQoOcZK8Fju.cy0Ptx2oZECkKLnaa8ekRoTFe1w7To.' # 1234 + password: '$2a$04$X4aRMEt0ytgPwMIgv36cI..7X9.nhY/.tYwxpqSi0ykRHx2CwQ0S6' # 12345678 email: 'user2@example.com' issuer: local default_project_id: 4 
@@ -18,7 +18,7 @@ - id: 3 username: 'user3' - password: '$2a$14$dcadBoMBL9jQoOcZK8Fju.cy0Ptx2oZECkKLnaa8ekRoTFe1w7To.' # 1234 + password: '$2a$04$X4aRMEt0ytgPwMIgv36cI..7X9.nhY/.tYwxpqSi0ykRHx2CwQ0S6' # 12345678 email: 'user3@example.com' issuer: local default_project_id: 4 @@ -27,7 +27,7 @@ - id: 4 username: 'user4' - password: '$2a$14$dcadBoMBL9jQoOcZK8Fju.cy0Ptx2oZECkKLnaa8ekRoTFe1w7To.' # 1234 + password: '$2a$04$X4aRMEt0ytgPwMIgv36cI..7X9.nhY/.tYwxpqSi0ykRHx2CwQ0S6' # 12345678 email: 'user4@example.com' status: 1 issuer: local @@ -36,7 +36,7 @@ - id: 5 username: 'user5' - password: '$2a$14$dcadBoMBL9jQoOcZK8Fju.cy0Ptx2oZECkKLnaa8ekRoTFe1w7To.' # 1234 + password: '$2a$04$X4aRMEt0ytgPwMIgv36cI..7X9.nhY/.tYwxpqSi0ykRHx2CwQ0S6' # 12345678 email: 'user5@example.com' status: 1 issuer: local @@ -45,14 +45,14 @@ # This use is used to create a whole bunch of projects which are then shared directly with a user - id: 6 username: 'user6' - password: '$2a$14$dcadBoMBL9jQoOcZK8Fju.cy0Ptx2oZECkKLnaa8ekRoTFe1w7To.' # 1234 + password: '$2a$04$X4aRMEt0ytgPwMIgv36cI..7X9.nhY/.tYwxpqSi0ykRHx2CwQ0S6' # 12345678 email: 'user6@example.com' issuer: local updated: 2018-12-02 15:13:12 created: 2018-12-01 15:13:12 - id: 7 username: 'user7' - password: '$2a$14$dcadBoMBL9jQoOcZK8Fju.cy0Ptx2oZECkKLnaa8ekRoTFe1w7To.' # 1234 + password: '$2a$04$X4aRMEt0ytgPwMIgv36cI..7X9.nhY/.tYwxpqSi0ykRHx2CwQ0S6' # 12345678 email: 'user7@example.com' issuer: local discoverable_by_email: true 
@@ -60,21 +60,21 @@ created: 2018-12-01 15:13:12 - id: 8 username: 'user8' - password: '$2a$14$dcadBoMBL9jQoOcZK8Fju.cy0Ptx2oZECkKLnaa8ekRoTFe1w7To.' # 1234 + password: '$2a$04$X4aRMEt0ytgPwMIgv36cI..7X9.nhY/.tYwxpqSi0ykRHx2CwQ0S6' # 12345678 email: 'user8@example.com' issuer: local updated: 2018-12-02 15:13:12 created: 2018-12-01 15:13:12 - id: 9 username: 'user9' - password: '$2a$14$dcadBoMBL9jQoOcZK8Fju.cy0Ptx2oZECkKLnaa8ekRoTFe1w7To.' # 1234 + password: '$2a$04$X4aRMEt0ytgPwMIgv36cI..7X9.nhY/.tYwxpqSi0ykRHx2CwQ0S6' # 12345678 email: 'user9@example.com' issuer: local updated: 2018-12-02 15:13:12 created: 2018-12-01 15:13:12 - id: 10 username: 'user10' - password: '$2a$14$dcadBoMBL9jQoOcZK8Fju.cy0Ptx2oZECkKLnaa8ekRoTFe1w7To.' # 1234 + password: '$2a$04$X4aRMEt0ytgPwMIgv36cI..7X9.nhY/.tYwxpqSi0ykRHx2CwQ0S6' # 12345678 email: 'user10@example.com' issuer: local updated: 2018-12-02 15:13:12 @@ -82,7 +82,7 @@ - id: 11 username: 'user11' name: 'Some one else' - password: '$2a$14$dcadBoMBL9jQoOcZK8Fju.cy0Ptx2oZECkKLnaa8ekRoTFe1w7To.' # 1234 + password: '$2a$04$X4aRMEt0ytgPwMIgv36cI..7X9.nhY/.tYwxpqSi0ykRHx2CwQ0S6' # 12345678 email: 'user11@example.com' issuer: local updated: 2018-12-02 15:13:12 @@ -90,7 +90,7 @@ - id: 12 username: 'user12' name: 'Name with spaces' - password: '$2a$14$dcadBoMBL9jQoOcZK8Fju.cy0Ptx2oZECkKLnaa8ekRoTFe1w7To.' # 1234 + password: '$2a$04$X4aRMEt0ytgPwMIgv36cI..7X9.nhY/.tYwxpqSi0ykRHx2CwQ0S6' # 12345678 email: 'user12@example.com' issuer: local discoverable_by_name: true 
@@ -98,14 +98,14 @@ created: 2018-12-01 15:13:12 - id: 13 username: 'user13' - password: '$2a$14$dcadBoMBL9jQoOcZK8Fju.cy0Ptx2oZECkKLnaa8ekRoTFe1w7To.' # 1234 + password: '$2a$04$X4aRMEt0ytgPwMIgv36cI..7X9.nhY/.tYwxpqSi0ykRHx2CwQ0S6' # 12345678 email: 'user14@example.com' issuer: local updated: 2018-12-02 15:13:12 created: 2018-12-01 15:13:12 - id: 14 username: 'user14' - password: '$2a$14$dcadBoMBL9jQoOcZK8Fju.cy0Ptx2oZECkKLnaa8ekRoTFe1w7To.' # 1234 + password: '$2a$04$X4aRMEt0ytgPwMIgv36cI..7X9.nhY/.tYwxpqSi0ykRHx2CwQ0S6' # 12345678 email: 'user15@some.service.com' issuer: 'https://some.service.com' subject: '12345' @@ -113,14 +113,14 @@ created: 2018-12-01 15:13:12 - id: 15 username: 'user15' - password: '$2a$14$dcadBoMBL9jQoOcZK8Fju.cy0Ptx2oZECkKLnaa8ekRoTFe1w7To.' # 1234 + password: '$2a$04$X4aRMEt0ytgPwMIgv36cI..7X9.nhY/.tYwxpqSi0ykRHx2CwQ0S6' # 12345678 email: 'user15@example.com' issuer: local updated: 2018-12-02 15:13:12 created: 2018-12-01 15:13:12 - id: 16 username: 'user16' - password: '$2a$14$dcadBoMBL9jQoOcZK8Fju.cy0Ptx2oZECkKLnaa8ekRoTFe1w7To.' # 1234 + password: '$2a$04$X4aRMEt0ytgPwMIgv36cI..7X9.nhY/.tYwxpqSi0ykRHx2CwQ0S6' # 12345678 email: 'user16@example.com' issuer: local default_project_id: 37 diff --git a/pkg/integrations/integrations.go b/pkg/integrations/integrations.go index b8b837b21..75ee38af8 100644 --- a/pkg/integrations/integrations.go +++ b/pkg/integrations/integrations.go @@ -160,7 +160,7 @@ func newCaldavTestRequestWithUser(t *testing.T, e *echo.Echo, method string, han c, rec = createRequest(e, method, payload, queryParams, urlParams) c.Request().Header.Set(echo.HeaderContentType, echo.MIMETextPlain) - result, _ := caldav.BasicAuth(user.Username, "1234", c) + result, _ := caldav.BasicAuth(user.Username, "12345678", c) if !result { t.Error("BasicAuth for caldav failed") t.FailNow() diff --git a/pkg/integrations/link_sharing_auth_test.go b/pkg/integrations/link_sharing_auth_test.go index bc6e5adea..41c849698 100644 
--- a/pkg/integrations/link_sharing_auth_test.go +++ b/pkg/integrations/link_sharing_auth_test.go @@ -48,7 +48,7 @@ func TestLinkSharingAuth(t *testing.T) { assertHandlerErrorCode(t, err, models.ErrCodeLinkSharePasswordRequired) }) t.Run("With Password, Password Provided", func(t *testing.T) { - rec, err := newTestRequest(t, http.MethodPost, apiv1.AuthenticateLinkShare, `{"password":"1234"}`, nil, map[string]string{"share": "testWithPassword"}) + rec, err := newTestRequest(t, http.MethodPost, apiv1.AuthenticateLinkShare, `{"password":"12345678"}`, nil, map[string]string{"share": "testWithPassword"}) require.NoError(t, err) assert.Equal(t, http.StatusOK, rec.Code) assert.Contains(t, rec.Body.String(), `"token":"`) diff --git a/pkg/integrations/login_test.go b/pkg/integrations/login_test.go index f8e9be9f1..a9dfe0225 100644 --- a/pkg/integrations/login_test.go +++ b/pkg/integrations/login_test.go @@ -31,7 +31,7 @@ func TestLogin(t *testing.T) { t.Run("Normal login", func(t *testing.T) { rec, err := newTestRequest(t, http.MethodPost, apiv1.Login, `{ "username": "user1", - "password": "1234" + "password": "12345678" }`, nil, nil) require.NoError(t, err) assert.Contains(t, rec.Body.String(), "token") @@ -44,7 +44,7 @@ func TestLogin(t *testing.T) { t.Run("Not existing user", func(t *testing.T) { _, err := newTestRequest(t, http.MethodPost, apiv1.Login, `{ "username": "userWichDoesNotExist", - "password": "1234" + "password": "12345678" }`, nil, nil) require.Error(t, err) assertHandlerErrorCode(t, err, user.ErrCodeWrongUsernameOrPassword) @@ -60,7 +60,7 @@ func TestLogin(t *testing.T) { t.Run("user with unconfirmed email", func(t *testing.T) { _, err := newTestRequest(t, http.MethodPost, apiv1.Login, `{ "username": "user5", - "password": "1234" + "password": "12345678" }`, nil, nil) require.Error(t, err) assertHandlerErrorCode(t, err, user.ErrCodeEmailNotConfirmed) 
diff --git a/pkg/integrations/user_change_password_test.go b/pkg/integrations/user_change_password_test.go index 2e585e543..01bd23df5 100644 --- a/pkg/integrations/user_change_password_test.go +++ b/pkg/integrations/user_change_password_test.go @@ -30,8 +30,8 @@ import ( func TestUserChangePassword(t *testing.T) { t.Run("Normal test", func(t *testing.T) { rec, err := newTestRequestWithUser(t, http.MethodPost, apiv1.UserChangePassword, &testuser1, `{ - "new_password": "12345", - "old_password": "1234" + "new_password": "123456789", + "old_password": "12345678" }`, nil, nil) require.NoError(t, err) assert.Contains(t, rec.Body.String(), `The password was updated successfully.`) @@ -55,7 +55,7 @@ func TestUserChangePassword(t *testing.T) { t.Run("Empty new password", func(t *testing.T) { _, err := newTestRequestWithUser(t, http.MethodPost, apiv1.UserChangePassword, &testuser1, `{ "new_password": "", - "old_password": "1234" + "old_password": "12345678" }`, nil, nil) require.Error(t, err) assertHandlerErrorCode(t, err, user.ErrCodeEmptyNewPassword) diff --git a/pkg/integrations/user_password_reset_test.go b/pkg/integrations/user_password_reset_test.go index 5dbdafd4f..bcae79385 100644 --- a/pkg/integrations/user_password_reset_test.go +++ b/pkg/integrations/user_password_reset_test.go @@ -31,7 +31,7 @@ import ( func TestUserPasswordReset(t *testing.T) { t.Run("Normal password reset test", func(t *testing.T) { rec, err := newTestRequest(t, http.MethodPost, apiv1.UserResetPassword, `{ - "new_password": "1234", + "new_password": "12345678", "token": "passwordresettesttoken" }`, nil, nil) require.NoError(t, err) @@ -52,7 +52,7 @@ func TestUserPasswordReset(t *testing.T) { }) t.Run("Invalid password reset token", func(t *testing.T) { _, err := newTestRequest(t, http.MethodPost, apiv1.UserResetPassword, `{ - "new_password": "1234", + "new_password": "12345678", "token": "invalidtoken" }`, nil, nil) require.Error(t, err) 
diff --git a/pkg/models/label_task_test.go b/pkg/models/label_task_test.go index 00e3a5a11..dc57ddfa3 100644 --- a/pkg/models/label_task_test.go +++ b/pkg/models/label_task_test.go @@ -39,7 +39,7 @@ func TestLabelTask_ReadAll(t *testing.T) { CreatedBy: &user.User{ ID: 2, Username: "user2", - Password: "$2a$14$dcadBoMBL9jQoOcZK8Fju.cy0Ptx2oZECkKLnaa8ekRoTFe1w7To.", + Password: "$2a$04$X4aRMEt0ytgPwMIgv36cI..7X9.nhY/.tYwxpqSi0ykRHx2CwQ0S6", Issuer: "local", EmailRemindersEnabled: true, OverdueTasksRemindersEnabled: true, diff --git a/pkg/models/label_test.go b/pkg/models/label_test.go index 0fcea06c6..31ebfcaee 100644 --- a/pkg/models/label_test.go +++ b/pkg/models/label_test.go @@ -50,7 +50,7 @@ func TestLabel_ReadAll(t *testing.T) { user1 := &user.User{ ID: 1, Username: "user1", - Password: "$2a$14$dcadBoMBL9jQoOcZK8Fju.cy0Ptx2oZECkKLnaa8ekRoTFe1w7To.", + Password: "$2a$04$X4aRMEt0ytgPwMIgv36cI..7X9.nhY/.tYwxpqSi0ykRHx2CwQ0S6", Issuer: "local", EmailRemindersEnabled: true, OverdueTasksRemindersEnabled: true, @@ -101,7 +101,7 @@ func TestLabel_ReadAll(t *testing.T) { CreatedBy: &user.User{ ID: 2, Username: "user2", - Password: "$2a$14$dcadBoMBL9jQoOcZK8Fju.cy0Ptx2oZECkKLnaa8ekRoTFe1w7To.", + Password: "$2a$04$X4aRMEt0ytgPwMIgv36cI..7X9.nhY/.tYwxpqSi0ykRHx2CwQ0S6", Issuer: "local", EmailRemindersEnabled: true, OverdueTasksRemindersEnabled: true, @@ -170,7 +170,7 @@ func TestLabel_ReadOne(t *testing.T) { user1 := &user.User{ ID: 1, Username: "user1", - Password: "$2a$14$dcadBoMBL9jQoOcZK8Fju.cy0Ptx2oZECkKLnaa8ekRoTFe1w7To.", + Password: "$2a$04$X4aRMEt0ytgPwMIgv36cI..7X9.nhY/.tYwxpqSi0ykRHx2CwQ0S6", Issuer: "local", EmailRemindersEnabled: true, OverdueTasksRemindersEnabled: true, 
@@ -232,7 +232,7 @@ func TestLabel_ReadOne(t *testing.T) { CreatedBy: &user.User{ ID: 2, Username: "user2", - Password: "$2a$14$dcadBoMBL9jQoOcZK8Fju.cy0Ptx2oZECkKLnaa8ekRoTFe1w7To.", + Password: "$2a$04$X4aRMEt0ytgPwMIgv36cI..7X9.nhY/.tYwxpqSi0ykRHx2CwQ0S6", Issuer: "local", EmailRemindersEnabled: true, OverdueTasksRemindersEnabled: true, diff --git a/pkg/models/project_users_test.go b/pkg/models/project_users_test.go index 3e6b09ec5..1c8b4a4ac 100644 --- a/pkg/models/project_users_test.go +++ b/pkg/models/project_users_test.go @@ -148,7 +148,7 @@ func TestProjectUser_ReadAll(t *testing.T) { User: user.User{ ID: 1, Username: "user1", - Password: "$2a$14$dcadBoMBL9jQoOcZK8Fju.cy0Ptx2oZECkKLnaa8ekRoTFe1w7To.", + Password: "$2a$04$X4aRMEt0ytgPwMIgv36cI..7X9.nhY/.tYwxpqSi0ykRHx2CwQ0S6", Issuer: "local", EmailRemindersEnabled: true, OverdueTasksRemindersEnabled: true, @@ -162,7 +162,7 @@ func TestProjectUser_ReadAll(t *testing.T) { User: user.User{ ID: 2, Username: "user2", - Password: "$2a$14$dcadBoMBL9jQoOcZK8Fju.cy0Ptx2oZECkKLnaa8ekRoTFe1w7To.", + Password: "$2a$04$X4aRMEt0ytgPwMIgv36cI..7X9.nhY/.tYwxpqSi0ykRHx2CwQ0S6", Issuer: "local", EmailRemindersEnabled: true, OverdueTasksRemindersEnabled: true, diff --git a/pkg/models/task_collection_test.go b/pkg/models/task_collection_test.go index 9f0e17fa5..a6e5f42ad 100644 --- a/pkg/models/task_collection_test.go +++ b/pkg/models/task_collection_test.go @@ -36,7 +36,7 @@ func TestTaskCollection_ReadAll(t *testing.T) { user1 := &user.User{ ID: 1, Username: "user1", - Password: "$2a$14$dcadBoMBL9jQoOcZK8Fju.cy0Ptx2oZECkKLnaa8ekRoTFe1w7To.", + Password: "$2a$04$X4aRMEt0ytgPwMIgv36cI..7X9.nhY/.tYwxpqSi0ykRHx2CwQ0S6", Issuer: "local", EmailRemindersEnabled: true, OverdueTasksRemindersEnabled: true, 
@@ -47,7 +47,7 @@ func TestTaskCollection_ReadAll(t *testing.T) { user2 := &user.User{ ID: 2, Username: "user2", - Password: "$2a$14$dcadBoMBL9jQoOcZK8Fju.cy0Ptx2oZECkKLnaa8ekRoTFe1w7To.", + Password: "$2a$04$X4aRMEt0ytgPwMIgv36cI..7X9.nhY/.tYwxpqSi0ykRHx2CwQ0S6", Issuer: "local", EmailRemindersEnabled: true, OverdueTasksRemindersEnabled: true, @@ -59,7 +59,7 @@ func TestTaskCollection_ReadAll(t *testing.T) { user6 := &user.User{ ID: 6, Username: "user6", - Password: "$2a$14$dcadBoMBL9jQoOcZK8Fju.cy0Ptx2oZECkKLnaa8ekRoTFe1w7To.", + Password: "$2a$04$X4aRMEt0ytgPwMIgv36cI..7X9.nhY/.tYwxpqSi0ykRHx2CwQ0S6", Issuer: "local", EmailRemindersEnabled: true, OverdueTasksRemindersEnabled: true, diff --git a/pkg/models/user_project_test.go b/pkg/models/user_project_test.go index 1e12f9abf..c74aef497 100644 --- a/pkg/models/user_project_test.go +++ b/pkg/models/user_project_test.go @@ -28,7 +28,7 @@ func TestListUsersFromProject(t *testing.T) { testuser1 := &user.User{ ID: 1, Username: "user1", - Password: "$2a$14$dcadBoMBL9jQoOcZK8Fju.cy0Ptx2oZECkKLnaa8ekRoTFe1w7To.", + Password: "$2a$04$X4aRMEt0ytgPwMIgv36cI..7X9.nhY/.tYwxpqSi0ykRHx2CwQ0S6", Issuer: "local", EmailRemindersEnabled: true, OverdueTasksRemindersEnabled: true, @@ -39,7 +39,7 @@ func TestListUsersFromProject(t *testing.T) { testuser2 := &user.User{ ID: 2, Username: "user2", - Password: "$2a$14$dcadBoMBL9jQoOcZK8Fju.cy0Ptx2oZECkKLnaa8ekRoTFe1w7To.", + Password: "$2a$04$X4aRMEt0ytgPwMIgv36cI..7X9.nhY/.tYwxpqSi0ykRHx2CwQ0S6", Issuer: "local", EmailRemindersEnabled: true, OverdueTasksRemindersEnabled: true, @@ -51,7 +51,7 @@ func TestListUsersFromProject(t *testing.T) { testuser3 := &user.User{ ID: 3, Username: "user3", - Password: "$2a$14$dcadBoMBL9jQoOcZK8Fju.cy0Ptx2oZECkKLnaa8ekRoTFe1w7To.", + Password: "$2a$04$X4aRMEt0ytgPwMIgv36cI..7X9.nhY/.tYwxpqSi0ykRHx2CwQ0S6", Issuer: "local", EmailRemindersEnabled: true, OverdueTasksRemindersEnabled: true, 
@@ -63,7 +63,7 @@ func TestListUsersFromProject(t *testing.T) { testuser4 := &user.User{ ID: 4, Username: "user4", - Password: "$2a$14$dcadBoMBL9jQoOcZK8Fju.cy0Ptx2oZECkKLnaa8ekRoTFe1w7To.", + Password: "$2a$04$X4aRMEt0ytgPwMIgv36cI..7X9.nhY/.tYwxpqSi0ykRHx2CwQ0S6", Status: user.StatusEmailConfirmationRequired, Issuer: "local", EmailRemindersEnabled: true, @@ -75,7 +75,7 @@ func TestListUsersFromProject(t *testing.T) { testuser5 := &user.User{ ID: 5, Username: "user5", - Password: "$2a$14$dcadBoMBL9jQoOcZK8Fju.cy0Ptx2oZECkKLnaa8ekRoTFe1w7To.", + Password: "$2a$04$X4aRMEt0ytgPwMIgv36cI..7X9.nhY/.tYwxpqSi0ykRHx2CwQ0S6", Status: user.StatusEmailConfirmationRequired, Issuer: "local", EmailRemindersEnabled: true, @@ -87,7 +87,7 @@ func TestListUsersFromProject(t *testing.T) { testuser6 := &user.User{ ID: 6, Username: "user6", - Password: "$2a$14$dcadBoMBL9jQoOcZK8Fju.cy0Ptx2oZECkKLnaa8ekRoTFe1w7To.", + Password: "$2a$04$X4aRMEt0ytgPwMIgv36cI..7X9.nhY/.tYwxpqSi0ykRHx2CwQ0S6", Issuer: "local", EmailRemindersEnabled: true, OverdueTasksRemindersEnabled: true, @@ -98,7 +98,7 @@ func TestListUsersFromProject(t *testing.T) { testuser7 := &user.User{ ID: 7, Username: "user7", - Password: "$2a$14$dcadBoMBL9jQoOcZK8Fju.cy0Ptx2oZECkKLnaa8ekRoTFe1w7To.", + Password: "$2a$04$X4aRMEt0ytgPwMIgv36cI..7X9.nhY/.tYwxpqSi0ykRHx2CwQ0S6", Issuer: "local", EmailRemindersEnabled: true, DiscoverableByEmail: true, @@ -110,7 +110,7 @@ func TestListUsersFromProject(t *testing.T) { testuser8 := &user.User{ ID: 8, Username: "user8", - Password: "$2a$14$dcadBoMBL9jQoOcZK8Fju.cy0Ptx2oZECkKLnaa8ekRoTFe1w7To.", + Password: "$2a$04$X4aRMEt0ytgPwMIgv36cI..7X9.nhY/.tYwxpqSi0ykRHx2CwQ0S6", Issuer: "local", EmailRemindersEnabled: true, OverdueTasksRemindersEnabled: true, 
@@ -121,7 +121,7 @@ func TestListUsersFromProject(t *testing.T) { testuser9 := &user.User{ ID: 9, Username: "user9", - Password: "$2a$14$dcadBoMBL9jQoOcZK8Fju.cy0Ptx2oZECkKLnaa8ekRoTFe1w7To.", + Password: "$2a$04$X4aRMEt0ytgPwMIgv36cI..7X9.nhY/.tYwxpqSi0ykRHx2CwQ0S6", Issuer: "local", EmailRemindersEnabled: true, OverdueTasksRemindersEnabled: true, @@ -132,7 +132,7 @@ func TestListUsersFromProject(t *testing.T) { testuser10 := &user.User{ ID: 10, Username: "user10", - Password: "$2a$14$dcadBoMBL9jQoOcZK8Fju.cy0Ptx2oZECkKLnaa8ekRoTFe1w7To.", + Password: "$2a$04$X4aRMEt0ytgPwMIgv36cI..7X9.nhY/.tYwxpqSi0ykRHx2CwQ0S6", Issuer: "local", EmailRemindersEnabled: true, OverdueTasksRemindersEnabled: true, @@ -144,7 +144,7 @@ func TestListUsersFromProject(t *testing.T) { ID: 11, Username: "user11", Name: "Some one else", - Password: "$2a$14$dcadBoMBL9jQoOcZK8Fju.cy0Ptx2oZECkKLnaa8ekRoTFe1w7To.", + Password: "$2a$04$X4aRMEt0ytgPwMIgv36cI..7X9.nhY/.tYwxpqSi0ykRHx2CwQ0S6", Issuer: "local", EmailRemindersEnabled: true, OverdueTasksRemindersEnabled: true, @@ -156,7 +156,7 @@ func TestListUsersFromProject(t *testing.T) { ID: 12, Username: "user12", Name: "Name with spaces", - Password: "$2a$14$dcadBoMBL9jQoOcZK8Fju.cy0Ptx2oZECkKLnaa8ekRoTFe1w7To.", + Password: "$2a$04$X4aRMEt0ytgPwMIgv36cI..7X9.nhY/.tYwxpqSi0ykRHx2CwQ0S6", Issuer: "local", EmailRemindersEnabled: true, DiscoverableByName: true, @@ -168,7 +168,7 @@ func TestListUsersFromProject(t *testing.T) { testuser13 := &user.User{ ID: 13, Username: "user13", - Password: "$2a$14$dcadBoMBL9jQoOcZK8Fju.cy0Ptx2oZECkKLnaa8ekRoTFe1w7To.", + Password: "$2a$04$X4aRMEt0ytgPwMIgv36cI..7X9.nhY/.tYwxpqSi0ykRHx2CwQ0S6", Issuer: "local", EmailRemindersEnabled: true, OverdueTasksRemindersEnabled: true, diff --git a/pkg/user/test.go b/pkg/user/test.go index cdb1ea5ab..84c7b6ced 100644 --- a/pkg/user/test.go +++ b/pkg/user/test.go 
@@ -17,6 +17,7 @@ package user import ( + "code.vikunja.io/api/pkg/config" "code.vikunja.io/api/pkg/db" "code.vikunja.io/api/pkg/events" "code.vikunja.io/api/pkg/log" @@ -43,4 +44,6 @@ func InitTests() { events.Fake() keyvalue.InitStorage() + + config.ServiceBcryptRounds.Set(4) // The lowest value allowed by the bcrypt library. Makes tests run faster. } diff --git a/pkg/user/user_create.go b/pkg/user/user_create.go index 809cd6be4..eddd2135b 100644 --- a/pkg/user/user_create.go +++ b/pkg/user/user_create.go @@ -119,7 +119,7 @@ func CreateUser(s *xorm.Session, user *User) (newUser *User, err error) { // HashPassword hashes a password func HashPassword(password string) (string, error) { - bytes, err := bcrypt.GenerateFromPassword([]byte(password), 11) + bytes, err := bcrypt.GenerateFromPassword([]byte(password), config.ServiceBcryptRounds.GetInt()) return string(bytes), err } diff --git a/pkg/user/user_test.go b/pkg/user/user_test.go index bf7507715..3dd75d736 100644 --- a/pkg/user/user_test.go +++ b/pkg/user/user_test.go @@ -30,7 +30,7 @@ func TestCreateUser(t *testing.T) { // Our dummy user for testing dummyuser := &User{ Username: "testuser", - Password: "1234", + Password: "12345678", Email: "noone@example.com", } @@ -238,7 +238,7 @@ func TestCheckUserCredentials(t *testing.T) { s := db.NewSession() defer s.Close() - _, err := CheckUserCredentials(s, &Login{Username: "user1", Password: "1234"}) + _, err := CheckUserCredentials(s, &Login{Username: "user1", Password: "12345678"}) require.NoError(t, err) }) t.Run("unverified email", func(t *testing.T) { @@ -246,7 +246,7 @@ func TestCheckUserCredentials(t *testing.T) { s := db.NewSession() defer s.Close() - _, err := CheckUserCredentials(s, &Login{Username: "user5", Password: "1234"}) + _, err := CheckUserCredentials(s, &Login{Username: "user5", Password: "12345678"}) require.Error(t, err) assert.True(t, IsErrEmailNotConfirmed(err)) }) 
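Review bot: `config.ServiceBcryptRounds.Set(4)` is added to `pkg/user/test.go`, which is not a `_test.go` file, so `InitTests` and this process-wide override are compiled into the regular package. Any caller outside the test suite would lower the cost for every password hashed afterwards. I would make that explicit in the comment, e.g. `// Test-only: lowers the bcrypt cost for the whole process; never call InitTests outside tests.`, and pass `bcrypt.MinCost` instead of the literal 4 (this needs the bcrypt import in this file). InitTests begins outside the hunk.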
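Review bot: In `HashPassword`, the cost passed to `bcrypt.GenerateFromPassword` is now a raw config value with no bounds check. Assuming this is golang.org/x/crypto/bcrypt, a value below 4 (including 0 from an empty or malformed setting) silently becomes the library default of 10, which is weaker than the previous hard-coded 11, while a value above 31 makes every call fail and a high but valid value makes each registration or password change very slow. Reading it into a local and rejecting out-of-range values removes the silent downgrade: `cost := config.ServiceBcryptRounds.GetInt()` followed by `if cost < bcrypt.MinCost || cost > bcrypt.MaxCost { return "", bcrypt.InvalidCostError(cost) }`; checking the setting once at startup would surface the misconfiguration earlier still. Stored hashes keep the cost they were created with, so raising the setting probably affects only newly hashed passwords unless login re-hashes them, which is not visible here.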
@@ -264,7 +264,7 @@ func TestCheckUserCredentials(t *testing.T) { s := db.NewSession() defer s.Close() - _, err := CheckUserCredentials(s, &Login{Username: "dfstestuu", Password: "1234"}) + _, err := CheckUserCredentials(s, &Login{Username: "dfstestuu", Password: "12345678"}) require.Error(t, err) assert.True(t, IsErrWrongUsernameOrPassword(err)) }) @@ -282,7 +282,7 @@ func TestCheckUserCredentials(t *testing.T) { s := db.NewSession() defer s.Close() - _, err := CheckUserCredentials(s, &Login{Password: "1234"}) + _, err := CheckUserCredentials(s, &Login{Password: "12345678"}) require.Error(t, err) assert.True(t, IsErrNoUsernamePassword(err)) }) @@ -291,7 +291,7 @@ func TestCheckUserCredentials(t *testing.T) { s := db.NewSession() defer s.Close() - _, err := CheckUserCredentials(s, &Login{Username: "user1@example.com", Password: "1234"}) + _, err := CheckUserCredentials(s, &Login{Username: "user1@example.com", Password: "12345678"}) require.NoError(t, err) }) } @@ -308,7 +308,7 @@ func TestUpdateUser(t *testing.T) { Email: "testing@example.com", }, false) require.NoError(t, err) - assert.Equal(t, "$2a$14$dcadBoMBL9jQoOcZK8Fju.cy0Ptx2oZECkKLnaa8ekRoTFe1w7To.", uuser.Password) // Password should not change + assert.Equal(t, "$2a$04$X4aRMEt0ytgPwMIgv36cI..7X9.nhY/.tYwxpqSi0ykRHx2CwQ0S6", uuser.Password) // Password should not change assert.Equal(t, "user1", uuser.Username) // Username should not change either }) t.Run("change username", func(t *testing.T) { @@ -321,7 +321,7 @@ func TestUpdateUser(t *testing.T) { Username: "changedname", }, false) require.NoError(t, err) - assert.Equal(t, "$2a$14$dcadBoMBL9jQoOcZK8Fju.cy0Ptx2oZECkKLnaa8ekRoTFe1w7To.", uuser.Password) // Password should not change + assert.Equal(t, "$2a$04$X4aRMEt0ytgPwMIgv36cI..7X9.nhY/.tYwxpqSi0ykRHx2CwQ0S6", uuser.Password) // Password should not change assert.Equal(t, "changedname", uuser.Username) }) t.Run("nonexistant", func(t *testing.T) {