llvy.ltd/casdoor
1
0
Fork 0
mirror of https://github.com/casdoor/casdoor.git synced 2025-07-08 00:50:28 +08:00
Code Issues Packages Projects Releases Wiki Activity

feat: CredManager.GetHashedPassword() only contains one salt arg now (#3928)

Browse Source
This commit is contained in:
Raiki
2025-07-05 18:41:37 +08:00
committed by GitHub
parent b1f68a60a4
commit fb035a5353
13 changed files with 35 additions and 38 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
cred/pbkdf2-salt.go
View File

@ -28,13 +28,16 @@ func NewPbkdf2SaltCredManager() *Pbkdf2SaltCredManager {
return cm
}
func (cm *Pbkdf2SaltCredManager) GetHashedPassword(password string, userSalt string, organizationSalt string) string {
func (cm *Pbkdf2SaltCredManager) GetHashedPassword(password string, salt string) string {
// https://www.keycloak.org/docs/latest/server_admin/index.html#password-database-compromised
decodedSalt, _ := base64.StdEncoding.DecodeString(userSalt)
decodedSalt, _ := base64.StdEncoding.DecodeString(salt)
res := pbkdf2.Key([]byte(password), decodedSalt, 27500, 64, sha256.New)
return base64.StdEncoding.EncodeToString(res)
}
func (cm *Pbkdf2SaltCredManager) IsPasswordCorrect(plainPwd string, hashedPwd string, userSalt string, organizationSalt string) bool {
return hashedPwd == cm.GetHashedPassword(plainPwd, userSalt, organizationSalt)
if hashedPwd == cm.GetHashedPassword(plainPwd, organizationSalt) {
return true
}
return hashedPwd == cm.GetHashedPassword(plainPwd, userSalt)
}