llvy.ltd/casdoor
1
0
Fork 0
mirror of https://github.com/casdoor/casdoor.git synced 2025-09-10 21:30:33 +08:00
Code Issues Packages Projects Releases Wiki Activity

feat: use only one salt arg in CredManager.IsPasswordCorrect() (#3936)

Browse Source
This commit is contained in:
raiki02
2025-07-07 17:56:25 +08:00
committed by GitHub
parent b42391c6ce
commit 9bbe5afb7c
10 changed files with 15 additions and 27 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
object/check.go
View File

@@ -252,12 +252,12 @@ func CheckPassword(user *User, password string, lang string, options ...bool) er
credManager := cred.GetCredManager(passwordType)
if credManager != nil {
if organization.MasterPassword != "" {
if password == organization.MasterPassword || credManager.IsPasswordCorrect(password, organization.MasterPassword, "", organization.PasswordSalt) {
if password == organization.MasterPassword || credManager.IsPasswordCorrect(password, organization.MasterPassword, organization.PasswordSalt) {
return resetUserSigninErrorTimes(user)
}
}
if credManager.IsPasswordCorrect(password, user.Password, user.PasswordSalt, organization.PasswordSalt) {
if credManager.IsPasswordCorrect(password, user.Password, organization.PasswordSalt) || credManager.IsPasswordCorrect(password, user.Password, user.PasswordSalt) {
return resetUserSigninErrorTimes(user)
}