vikunja/vikunja
Archived
8
54
Fork 94
Code Issues 101 Pull Requests 31 Packages Releases 37 Activity

feat: make used bcrypt rounds configurable
All checks were successful
continuous-integration/drone/push Build is passing
Details

Browse Source 
This allows to configure the used bcrypt rounds and set it to 4 in tests, greatly speeding up the tests. It's not really required to set this to another value but it might be in the future as computers get faster.
This commit is contained in:
kolaente 2024-10-13 15:38:04 +02:00
parent e22fb1e73e
commit a88124cfce
Signed by: konrad
GPG Key ID: F40E70337AB24C9B
17 changed files with 69 additions and 59 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
config-raw.json
View File

@ -127,6 +127,11 @@
"key": "enablepublicteams",
"default_value": "false",
"comment": "Enables the public team feature. If enabled, it is possible to configure teams to be public, which makes them\ndiscoverable when sharing a project, therefore not only showing teams the user is member of."
},
{
"key": "bcryptrounds",
"default_value": "11",
"comment": "The number of bcrypt rounds to use during registration. Each increment of this number doubles the computational cost. You probably don't need to change this value."
}
]
},

2
pkg/config/config.go
View File

@ -65,6 +65,7 @@ const (
ServiceAllowIconChanges Key = `service.allowiconchanges`
ServiceCustomLogoURL Key = `service.customlogourl`
ServiceEnablePublicTeams Key = `service.enablepublicteams`
ServiceBcryptRounds Key = `service.bcryptrounds`
SentryEnabled Key = `sentry.enabled`
SentryDsn Key = `sentry.dsn`
@ -318,6 +319,7 @@ func InitDefaultConfig() {
ServiceDemoMode.setDefault(false)
ServiceAllowIconChanges.setDefault(true)
ServiceEnablePublicTeams.setDefault(false)
ServiceBcryptRounds.setDefault(11)
// Sentry
SentryDsn.setDefault("https://440eedc957d545a795c17bbaf477497c@o1047380.ingest.sentry.io/4504254983634944")

2
pkg/db/fixtures/link_shares.yml
View File

@ -26,7 +26,7 @@
hash: testWithPassword
project_id: 1
right: 0
password: '$2a$14$dcadBoMBL9jQoOcZK8Fju.cy0Ptx2oZECkKLnaa8ekRoTFe1w7To.' # 1234
password: '$2a$04$X4aRMEt0ytgPwMIgv36cI..7X9.nhY/.tYwxpqSi0ykRHx2CwQ0S6' # 12345678
sharing_type: 2
shared_by_id: 1
created: 2018-12-01 15:13:12

32
pkg/db/fixtures/users.yml
View File

@ -1,7 +1,7 @@
-
id: 1
username: 'user1'
password: '$2a$14$dcadBoMBL9jQoOcZK8Fju.cy0Ptx2oZECkKLnaa8ekRoTFe1w7To.' # 1234
password: '$2a$04$X4aRMEt0ytgPwMIgv36cI..7X9.nhY/.tYwxpqSi0ykRHx2CwQ0S6' # 12345678
email: 'user1@example.com'
issuer: local
updated: 2018-12-02 15:13:12
@ -9,7 +9,7 @@
-
id: 2
username: 'user2'
password: '$2a$14$dcadBoMBL9jQoOcZK8Fju.cy0Ptx2oZECkKLnaa8ekRoTFe1w7To.' # 1234
password: '$2a$04$X4aRMEt0ytgPwMIgv36cI..7X9.nhY/.tYwxpqSi0ykRHx2CwQ0S6' # 12345678
email: 'user2@example.com'
issuer: local
default_project_id: 4
@ -18,7 +18,7 @@
-
id: 3
username: 'user3'
password: '$2a$14$dcadBoMBL9jQoOcZK8Fju.cy0Ptx2oZECkKLnaa8ekRoTFe1w7To.' # 1234
password: '$2a$04$X4aRMEt0ytgPwMIgv36cI..7X9.nhY/.tYwxpqSi0ykRHx2CwQ0S6' # 12345678
email: 'user3@example.com'
issuer: local
default_project_id: 4
@ -27,7 +27,7 @@
-
id: 4
username: 'user4'
password: '$2a$14$dcadBoMBL9jQoOcZK8Fju.cy0Ptx2oZECkKLnaa8ekRoTFe1w7To.' # 1234
password: '$2a$04$X4aRMEt0ytgPwMIgv36cI..7X9.nhY/.tYwxpqSi0ykRHx2CwQ0S6' # 12345678
email: 'user4@example.com'
status: 1
issuer: local
@ -36,7 +36,7 @@
-
id: 5
username: 'user5'
password: '$2a$14$dcadBoMBL9jQoOcZK8Fju.cy0Ptx2oZECkKLnaa8ekRoTFe1w7To.' # 1234
password: '$2a$04$X4aRMEt0ytgPwMIgv36cI..7X9.nhY/.tYwxpqSi0ykRHx2CwQ0S6' # 12345678
email: 'user5@example.com'
status: 1
issuer: local
@ -45,14 +45,14 @@
# This use is used to create a whole bunch of projects which are then shared directly with a user
- id: 6
username: 'user6'
password: '$2a$14$dcadBoMBL9jQoOcZK8Fju.cy0Ptx2oZECkKLnaa8ekRoTFe1w7To.' # 1234
password: '$2a$04$X4aRMEt0ytgPwMIgv36cI..7X9.nhY/.tYwxpqSi0ykRHx2CwQ0S6' # 12345678
email: 'user6@example.com'
issuer: local
updated: 2018-12-02 15:13:12
created: 2018-12-01 15:13:12
- id: 7
username: 'user7'
password: '$2a$14$dcadBoMBL9jQoOcZK8Fju.cy0Ptx2oZECkKLnaa8ekRoTFe1w7To.' # 1234
password: '$2a$04$X4aRMEt0ytgPwMIgv36cI..7X9.nhY/.tYwxpqSi0ykRHx2CwQ0S6' # 12345678
email: 'user7@example.com'
issuer: local
discoverable_by_email: true
@ -60,21 +60,21 @@
created: 2018-12-01 15:13:12
- id: 8
username: 'user8'
password: '$2a$14$dcadBoMBL9jQoOcZK8Fju.cy0Ptx2oZECkKLnaa8ekRoTFe1w7To.' # 1234
password: '$2a$04$X4aRMEt0ytgPwMIgv36cI..7X9.nhY/.tYwxpqSi0ykRHx2CwQ0S6' # 12345678
email: 'user8@example.com'
issuer: local
updated: 2018-12-02 15:13:12
created: 2018-12-01 15:13:12
- id: 9
username: 'user9'
password: '$2a$14$dcadBoMBL9jQoOcZK8Fju.cy0Ptx2oZECkKLnaa8ekRoTFe1w7To.' # 1234
password: '$2a$04$X4aRMEt0ytgPwMIgv36cI..7X9.nhY/.tYwxpqSi0ykRHx2CwQ0S6' # 12345678
email: 'user9@example.com'
issuer: local
updated: 2018-12-02 15:13:12
created: 2018-12-01 15:13:12
- id: 10
username: 'user10'
password: '$2a$14$dcadBoMBL9jQoOcZK8Fju.cy0Ptx2oZECkKLnaa8ekRoTFe1w7To.' # 1234
password: '$2a$04$X4aRMEt0ytgPwMIgv36cI..7X9.nhY/.tYwxpqSi0ykRHx2CwQ0S6' # 12345678
email: 'user10@example.com'
issuer: local
updated: 2018-12-02 15:13:12
@ -82,7 +82,7 @@
- id: 11
username: 'user11'
name: 'Some one else'
password: '$2a$14$dcadBoMBL9jQoOcZK8Fju.cy0Ptx2oZECkKLnaa8ekRoTFe1w7To.' # 1234
password: '$2a$04$X4aRMEt0ytgPwMIgv36cI..7X9.nhY/.tYwxpqSi0ykRHx2CwQ0S6' # 12345678
email: 'user11@example.com'
issuer: local
updated: 2018-12-02 15:13:12
@ -90,7 +90,7 @@
- id: 12
username: 'user12'
name: 'Name with spaces'
password: '$2a$14$dcadBoMBL9jQoOcZK8Fju.cy0Ptx2oZECkKLnaa8ekRoTFe1w7To.' # 1234
password: '$2a$04$X4aRMEt0ytgPwMIgv36cI..7X9.nhY/.tYwxpqSi0ykRHx2CwQ0S6' # 12345678
email: 'user12@example.com'
issuer: local
discoverable_by_name: true
@ -98,14 +98,14 @@
created: 2018-12-01 15:13:12
- id: 13
username: 'user13'
password: '$2a$14$dcadBoMBL9jQoOcZK8Fju.cy0Ptx2oZECkKLnaa8ekRoTFe1w7To.' # 1234
password: '$2a$04$X4aRMEt0ytgPwMIgv36cI..7X9.nhY/.tYwxpqSi0ykRHx2CwQ0S6' # 12345678
email: 'user14@example.com'
issuer: local
updated: 2018-12-02 15:13:12
created: 2018-12-01 15:13:12
- id: 14
username: 'user14'
password: '$2a$14$dcadBoMBL9jQoOcZK8Fju.cy0Ptx2oZECkKLnaa8ekRoTFe1w7To.' # 1234
password: '$2a$04$X4aRMEt0ytgPwMIgv36cI..7X9.nhY/.tYwxpqSi0ykRHx2CwQ0S6' # 12345678
email: 'user15@some.service.com'
issuer: 'https://some.service.com'
subject: '12345'
@ -113,14 +113,14 @@
created: 2018-12-01 15:13:12
- id: 15
username: 'user15'
password: '$2a$14$dcadBoMBL9jQoOcZK8Fju.cy0Ptx2oZECkKLnaa8ekRoTFe1w7To.' # 1234
password: '$2a$04$X4aRMEt0ytgPwMIgv36cI..7X9.nhY/.tYwxpqSi0ykRHx2CwQ0S6' # 12345678
email: 'user15@example.com'
issuer: local
updated: 2018-12-02 15:13:12
created: 2018-12-01 15:13:12
- id: 16
username: 'user16'
password: '$2a$14$dcadBoMBL9jQoOcZK8Fju.cy0Ptx2oZECkKLnaa8ekRoTFe1w7To.' # 1234
password: '$2a$04$X4aRMEt0ytgPwMIgv36cI..7X9.nhY/.tYwxpqSi0ykRHx2CwQ0S6' # 12345678
email: 'user16@example.com'
issuer: local
default_project_id: 37

2
pkg/integrations/integrations.go
View File

@ -160,7 +160,7 @@ func newCaldavTestRequestWithUser(t *testing.T, e *echo.Echo, method string, han
c, rec = createRequest(e, method, payload, queryParams, urlParams)
c.Request().Header.Set(echo.HeaderContentType, echo.MIMETextPlain)
result, _ := caldav.BasicAuth(user.Username, "1234", c)
result, _ := caldav.BasicAuth(user.Username, "12345678", c)
if !result {
t.Error("BasicAuth for caldav failed")
t.FailNow()

2
pkg/integrations/link_sharing_auth_test.go
View File

@ -48,7 +48,7 @@ func TestLinkSharingAuth(t *testing.T) {
assertHandlerErrorCode(t, err, models.ErrCodeLinkSharePasswordRequired)
})
t.Run("With Password, Password Provided", func(t *testing.T) {
rec, err := newTestRequest(t, http.MethodPost, apiv1.AuthenticateLinkShare, `{"password":"1234"}`, nil, map[string]string{"share": "testWithPassword"})
rec, err := newTestRequest(t, http.MethodPost, apiv1.AuthenticateLinkShare, `{"password":"12345678"}`, nil, map[string]string{"share": "testWithPassword"})
require.NoError(t, err)
assert.Equal(t, http.StatusOK, rec.Code)
assert.Contains(t, rec.Body.String(), `"token":"`)

6
pkg/integrations/login_test.go
View File

@ -31,7 +31,7 @@ func TestLogin(t *testing.T) {
t.Run("Normal login", func(t *testing.T) {
rec, err := newTestRequest(t, http.MethodPost, apiv1.Login, `{
"username": "user1",
"password": "1234"
"password": "12345678"
}`, nil, nil)
require.NoError(t, err)
assert.Contains(t, rec.Body.String(), "token")
@ -44,7 +44,7 @@ func TestLogin(t *testing.T) {
t.Run("Not existing user", func(t *testing.T) {
_, err := newTestRequest(t, http.MethodPost, apiv1.Login, `{
"username": "userWichDoesNotExist",
"password": "1234"
"password": "12345678"
}`, nil, nil)
require.Error(t, err)
assertHandlerErrorCode(t, err, user.ErrCodeWrongUsernameOrPassword)
@ -60,7 +60,7 @@ func TestLogin(t *testing.T) {
t.Run("user with unconfirmed email", func(t *testing.T) {
_, err := newTestRequest(t, http.MethodPost, apiv1.Login, `{
"username": "user5",
"password": "1234"
"password": "12345678"
}`, nil, nil)
require.Error(t, err)
assertHandlerErrorCode(t, err, user.ErrCodeEmailNotConfirmed)

6
pkg/integrations/user_change_password_test.go
View File

@ -30,8 +30,8 @@ import (
func TestUserChangePassword(t *testing.T) {
t.Run("Normal test", func(t *testing.T) {
rec, err := newTestRequestWithUser(t, http.MethodPost, apiv1.UserChangePassword, &testuser1, `{
"new_password": "12345",
"old_password": "1234"
"new_password": "123456789",
"old_password": "12345678"
}`, nil, nil)
require.NoError(t, err)
assert.Contains(t, rec.Body.String(), `The password was updated successfully.`)
@ -55,7 +55,7 @@ func TestUserChangePassword(t *testing.T) {
t.Run("Empty new password", func(t *testing.T) {
_, err := newTestRequestWithUser(t, http.MethodPost, apiv1.UserChangePassword, &testuser1, `{
"new_password": "",
"old_password": "1234"
"old_password": "12345678"
}`, nil, nil)
require.Error(t, err)
assertHandlerErrorCode(t, err, user.ErrCodeEmptyNewPassword)

4
pkg/integrations/user_password_reset_test.go
View File

@ -31,7 +31,7 @@ import (
func TestUserPasswordReset(t *testing.T) {
t.Run("Normal password reset test", func(t *testing.T) {
rec, err := newTestRequest(t, http.MethodPost, apiv1.UserResetPassword, `{
"new_password": "1234",
"new_password": "12345678",
"token": "passwordresettesttoken"
}`, nil, nil)
require.NoError(t, err)
@ -52,7 +52,7 @@ func TestUserPasswordReset(t *testing.T) {
})
t.Run("Invalid password reset token", func(t *testing.T) {
_, err := newTestRequest(t, http.MethodPost, apiv1.UserResetPassword, `{
"new_password": "1234",
"new_password": "12345678",
"token": "invalidtoken"
}`, nil, nil)
require.Error(t, err)

2
pkg/models/label_task_test.go
View File

@ -39,7 +39,7 @@ func TestLabelTask_ReadAll(t *testing.T) {
CreatedBy: &user.User{
ID: 2,
Username: "user2",
Password: "$2a$14$dcadBoMBL9jQoOcZK8Fju.cy0Ptx2oZECkKLnaa8ekRoTFe1w7To.",
Password: "$2a$04$X4aRMEt0ytgPwMIgv36cI..7X9.nhY/.tYwxpqSi0ykRHx2CwQ0S6",
Issuer: "local",
EmailRemindersEnabled: true,
OverdueTasksRemindersEnabled: true,

8
pkg/models/label_test.go
View File

@ -50,7 +50,7 @@ func TestLabel_ReadAll(t *testing.T) {
user1 := &user.User{
ID: 1,
Username: "user1",
Password: "$2a$14$dcadBoMBL9jQoOcZK8Fju.cy0Ptx2oZECkKLnaa8ekRoTFe1w7To.",
Password: "$2a$04$X4aRMEt0ytgPwMIgv36cI..7X9.nhY/.tYwxpqSi0ykRHx2CwQ0S6",
Issuer: "local",
EmailRemindersEnabled: true,
OverdueTasksRemindersEnabled: true,
@ -101,7 +101,7 @@ func TestLabel_ReadAll(t *testing.T) {
CreatedBy: &user.User{
ID: 2,
Username: "user2",
Password: "$2a$14$dcadBoMBL9jQoOcZK8Fju.cy0Ptx2oZECkKLnaa8ekRoTFe1w7To.",
Password: "$2a$04$X4aRMEt0ytgPwMIgv36cI..7X9.nhY/.tYwxpqSi0ykRHx2CwQ0S6",
Issuer: "local",
EmailRemindersEnabled: true,
OverdueTasksRemindersEnabled: true,
@ -170,7 +170,7 @@ func TestLabel_ReadOne(t *testing.T) {
user1 := &user.User{
ID: 1,
Username: "user1",
Password: "$2a$14$dcadBoMBL9jQoOcZK8Fju.cy0Ptx2oZECkKLnaa8ekRoTFe1w7To.",
Password: "$2a$04$X4aRMEt0ytgPwMIgv36cI..7X9.nhY/.tYwxpqSi0ykRHx2CwQ0S6",
Issuer: "local",
EmailRemindersEnabled: true,
OverdueTasksRemindersEnabled: true,
@ -232,7 +232,7 @@ func TestLabel_ReadOne(t *testing.T) {
CreatedBy: &user.User{
ID: 2,
Username: "user2",
Password: "$2a$14$dcadBoMBL9jQoOcZK8Fju.cy0Ptx2oZECkKLnaa8ekRoTFe1w7To.",
Password: "$2a$04$X4aRMEt0ytgPwMIgv36cI..7X9.nhY/.tYwxpqSi0ykRHx2CwQ0S6",
Issuer: "local",
EmailRemindersEnabled: true,
OverdueTasksRemindersEnabled: true,

4
pkg/models/project_users_test.go
View File

@ -148,7 +148,7 @@ func TestProjectUser_ReadAll(t *testing.T) {
User: user.User{
ID: 1,
Username: "user1",
Password: "$2a$14$dcadBoMBL9jQoOcZK8Fju.cy0Ptx2oZECkKLnaa8ekRoTFe1w7To.",
Password: "$2a$04$X4aRMEt0ytgPwMIgv36cI..7X9.nhY/.tYwxpqSi0ykRHx2CwQ0S6",
Issuer: "local",
EmailRemindersEnabled: true,
OverdueTasksRemindersEnabled: true,
@ -162,7 +162,7 @@ func TestProjectUser_ReadAll(t *testing.T) {
User: user.User{
ID: 2,
Username: "user2",
Password: "$2a$14$dcadBoMBL9jQoOcZK8Fju.cy0Ptx2oZECkKLnaa8ekRoTFe1w7To.",
Password: "$2a$04$X4aRMEt0ytgPwMIgv36cI..7X9.nhY/.tYwxpqSi0ykRHx2CwQ0S6",
Issuer: "local",
EmailRemindersEnabled: true,
OverdueTasksRemindersEnabled: true,

6
pkg/models/task_collection_test.go
View File

@ -36,7 +36,7 @@ func TestTaskCollection_ReadAll(t *testing.T) {
user1 := &user.User{
ID: 1,
Username: "user1",
Password: "$2a$14$dcadBoMBL9jQoOcZK8Fju.cy0Ptx2oZECkKLnaa8ekRoTFe1w7To.",
Password: "$2a$04$X4aRMEt0ytgPwMIgv36cI..7X9.nhY/.tYwxpqSi0ykRHx2CwQ0S6",
Issuer: "local",
EmailRemindersEnabled: true,
OverdueTasksRemindersEnabled: true,
@ -47,7 +47,7 @@ func TestTaskCollection_ReadAll(t *testing.T) {
user2 := &user.User{
ID: 2,
Username: "user2",
Password: "$2a$14$dcadBoMBL9jQoOcZK8Fju.cy0Ptx2oZECkKLnaa8ekRoTFe1w7To.",
Password: "$2a$04$X4aRMEt0ytgPwMIgv36cI..7X9.nhY/.tYwxpqSi0ykRHx2CwQ0S6",
Issuer: "local",
EmailRemindersEnabled: true,
OverdueTasksRemindersEnabled: true,
@ -59,7 +59,7 @@ func TestTaskCollection_ReadAll(t *testing.T) {
user6 := &user.User{
ID: 6,
Username: "user6",
Password: "$2a$14$dcadBoMBL9jQoOcZK8Fju.cy0Ptx2oZECkKLnaa8ekRoTFe1w7To.",
Password: "$2a$04$X4aRMEt0ytgPwMIgv36cI..7X9.nhY/.tYwxpqSi0ykRHx2CwQ0S6",
Issuer: "local",
EmailRemindersEnabled: true,
OverdueTasksRemindersEnabled: true,

26
pkg/models/user_project_test.go
View File

@ -28,7 +28,7 @@ func TestListUsersFromProject(t *testing.T) {
testuser1 := &user.User{
ID: 1,
Username: "user1",
Password: "$2a$14$dcadBoMBL9jQoOcZK8Fju.cy0Ptx2oZECkKLnaa8ekRoTFe1w7To.",
Password: "$2a$04$X4aRMEt0ytgPwMIgv36cI..7X9.nhY/.tYwxpqSi0ykRHx2CwQ0S6",
Issuer: "local",
EmailRemindersEnabled: true,
OverdueTasksRemindersEnabled: true,
@ -39,7 +39,7 @@ func TestListUsersFromProject(t *testing.T) {
testuser2 := &user.User{
ID: 2,
Username: "user2",
Password: "$2a$14$dcadBoMBL9jQoOcZK8Fju.cy0Ptx2oZECkKLnaa8ekRoTFe1w7To.",
Password: "$2a$04$X4aRMEt0ytgPwMIgv36cI..7X9.nhY/.tYwxpqSi0ykRHx2CwQ0S6",
Issuer: "local",
EmailRemindersEnabled: true,
OverdueTasksRemindersEnabled: true,
@ -51,7 +51,7 @@ func TestListUsersFromProject(t *testing.T) {
testuser3 := &user.User{
ID: 3,
Username: "user3",
Password: "$2a$14$dcadBoMBL9jQoOcZK8Fju.cy0Ptx2oZECkKLnaa8ekRoTFe1w7To.",
Password: "$2a$04$X4aRMEt0ytgPwMIgv36cI..7X9.nhY/.tYwxpqSi0ykRHx2CwQ0S6",
Issuer: "local",
EmailRemindersEnabled: true,
OverdueTasksRemindersEnabled: true,
@ -63,7 +63,7 @@ func TestListUsersFromProject(t *testing.T) {
testuser4 := &user.User{
ID: 4,
Username: "user4",
Password: "$2a$14$dcadBoMBL9jQoOcZK8Fju.cy0Ptx2oZECkKLnaa8ekRoTFe1w7To.",
Password: "$2a$04$X4aRMEt0ytgPwMIgv36cI..7X9.nhY/.tYwxpqSi0ykRHx2CwQ0S6",
Status: user.StatusEmailConfirmationRequired,
Issuer: "local",
EmailRemindersEnabled: true,
@ -75,7 +75,7 @@ func TestListUsersFromProject(t *testing.T) {
testuser5 := &user.User{
ID: 5,
Username: "user5",
Password: "$2a$14$dcadBoMBL9jQoOcZK8Fju.cy0Ptx2oZECkKLnaa8ekRoTFe1w7To.",
Password: "$2a$04$X4aRMEt0ytgPwMIgv36cI..7X9.nhY/.tYwxpqSi0ykRHx2CwQ0S6",
Status: user.StatusEmailConfirmationRequired,
Issuer: "local",
EmailRemindersEnabled: true,
@ -87,7 +87,7 @@ func TestListUsersFromProject(t *testing.T) {
testuser6 := &user.User{
ID: 6,
Username: "user6",
Password: "$2a$14$dcadBoMBL9jQoOcZK8Fju.cy0Ptx2oZECkKLnaa8ekRoTFe1w7To.",
Password: "$2a$04$X4aRMEt0ytgPwMIgv36cI..7X9.nhY/.tYwxpqSi0ykRHx2CwQ0S6",
Issuer: "local",
EmailRemindersEnabled: true,
OverdueTasksRemindersEnabled: true,
@ -98,7 +98,7 @@ func TestListUsersFromProject(t *testing.T) {
testuser7 := &user.User{
ID: 7,
Username: "user7",
Password: "$2a$14$dcadBoMBL9jQoOcZK8Fju.cy0Ptx2oZECkKLnaa8ekRoTFe1w7To.",
Password: "$2a$04$X4aRMEt0ytgPwMIgv36cI..7X9.nhY/.tYwxpqSi0ykRHx2CwQ0S6",
Issuer: "local",
EmailRemindersEnabled: true,
DiscoverableByEmail: true,
@ -110,7 +110,7 @@ func TestListUsersFromProject(t *testing.T) {
testuser8 := &user.User{
ID: 8,
Username: "user8",
Password: "$2a$14$dcadBoMBL9jQoOcZK8Fju.cy0Ptx2oZECkKLnaa8ekRoTFe1w7To.",
Password: "$2a$04$X4aRMEt0ytgPwMIgv36cI..7X9.nhY/.tYwxpqSi0ykRHx2CwQ0S6",
Issuer: "local",
EmailRemindersEnabled: true,
OverdueTasksRemindersEnabled: true,
@ -121,7 +121,7 @@ func TestListUsersFromProject(t *testing.T) {
testuser9 := &user.User{
ID: 9,
Username: "user9",
Password: "$2a$14$dcadBoMBL9jQoOcZK8Fju.cy0Ptx2oZECkKLnaa8ekRoTFe1w7To.",
Password: "$2a$04$X4aRMEt0ytgPwMIgv36cI..7X9.nhY/.tYwxpqSi0ykRHx2CwQ0S6",
Issuer: "local",
EmailRemindersEnabled: true,
OverdueTasksRemindersEnabled: true,
@ -132,7 +132,7 @@ func TestListUsersFromProject(t *testing.T) {
testuser10 := &user.User{
ID: 10,
Username: "user10",
Password: "$2a$14$dcadBoMBL9jQoOcZK8Fju.cy0Ptx2oZECkKLnaa8ekRoTFe1w7To.",
Password: "$2a$04$X4aRMEt0ytgPwMIgv36cI..7X9.nhY/.tYwxpqSi0ykRHx2CwQ0S6",
Issuer: "local",
EmailRemindersEnabled: true,
OverdueTasksRemindersEnabled: true,
@ -144,7 +144,7 @@ func TestListUsersFromProject(t *testing.T) {
ID: 11,
Username: "user11",
Name: "Some one else",
Password: "$2a$14$dcadBoMBL9jQoOcZK8Fju.cy0Ptx2oZECkKLnaa8ekRoTFe1w7To.",
Password: "$2a$04$X4aRMEt0ytgPwMIgv36cI..7X9.nhY/.tYwxpqSi0ykRHx2CwQ0S6",
Issuer: "local",
EmailRemindersEnabled: true,
OverdueTasksRemindersEnabled: true,
@ -156,7 +156,7 @@ func TestListUsersFromProject(t *testing.T) {
ID: 12,
Username: "user12",
Name: "Name with spaces",
Password: "$2a$14$dcadBoMBL9jQoOcZK8Fju.cy0Ptx2oZECkKLnaa8ekRoTFe1w7To.",
Password: "$2a$04$X4aRMEt0ytgPwMIgv36cI..7X9.nhY/.tYwxpqSi0ykRHx2CwQ0S6",
Issuer: "local",
EmailRemindersEnabled: true,
DiscoverableByName: true,
@ -168,7 +168,7 @@ func TestListUsersFromProject(t *testing.T) {
testuser13 := &user.User{
ID: 13,
Username: "user13",
Password: "$2a$14$dcadBoMBL9jQoOcZK8Fju.cy0Ptx2oZECkKLnaa8ekRoTFe1w7To.",
Password: "$2a$04$X4aRMEt0ytgPwMIgv36cI..7X9.nhY/.tYwxpqSi0ykRHx2CwQ0S6",
Issuer: "local",
EmailRemindersEnabled: true,
OverdueTasksRemindersEnabled: true,

3
pkg/user/test.go
View File

@ -17,6 +17,7 @@
package user
import (
"code.vikunja.io/api/pkg/config"
"code.vikunja.io/api/pkg/db"
"code.vikunja.io/api/pkg/events"
"code.vikunja.io/api/pkg/log"
@ -43,4 +44,6 @@ func InitTests() {
events.Fake()
keyvalue.InitStorage()
config.ServiceBcryptRounds.Set(4) // The lowest value allowed by the bcrypt library. Makes tests run faster.
}

2
pkg/user/user_create.go
View File

@ -119,7 +119,7 @@ func CreateUser(s *xorm.Session, user *User) (newUser *User, err error) {
// HashPassword hashes a password
func HashPassword(password string) (string, error) {
bytes, err := bcrypt.GenerateFromPassword([]byte(password), 11)
bytes, err := bcrypt.GenerateFromPassword([]byte(password), config.ServiceBcryptRounds.GetInt())
return string(bytes), err
}

16
pkg/user/user_test.go
View File

@ -30,7 +30,7 @@ func TestCreateUser(t *testing.T) {
// Our dummy user for testing
dummyuser := &User{
Username: "testuser",
Password: "1234",
Password: "12345678",
Email: "noone@example.com",
}
@ -238,7 +238,7 @@ func TestCheckUserCredentials(t *testing.T) {
s := db.NewSession()
defer s.Close()
_, err := CheckUserCredentials(s, &Login{Username: "user1", Password: "1234"})
_, err := CheckUserCredentials(s, &Login{Username: "user1", Password: "12345678"})
require.NoError(t, err)
})
t.Run("unverified email", func(t *testing.T) {
@ -246,7 +246,7 @@ func TestCheckUserCredentials(t *testing.T) {
s := db.NewSession()
defer s.Close()
_, err := CheckUserCredentials(s, &Login{Username: "user5", Password: "1234"})
_, err := CheckUserCredentials(s, &Login{Username: "user5", Password: "12345678"})
require.Error(t, err)
assert.True(t, IsErrEmailNotConfirmed(err))
})
@ -264,7 +264,7 @@ func TestCheckUserCredentials(t *testing.T) {
s := db.NewSession()
defer s.Close()
_, err := CheckUserCredentials(s, &Login{Username: "dfstestuu", Password: "1234"})
_, err := CheckUserCredentials(s, &Login{Username: "dfstestuu", Password: "12345678"})
require.Error(t, err)
assert.True(t, IsErrWrongUsernameOrPassword(err))
})
@ -282,7 +282,7 @@ func TestCheckUserCredentials(t *testing.T) {
s := db.NewSession()
defer s.Close()
_, err := CheckUserCredentials(s, &Login{Password: "1234"})
_, err := CheckUserCredentials(s, &Login{Password: "12345678"})
require.Error(t, err)
assert.True(t, IsErrNoUsernamePassword(err))
})
@ -291,7 +291,7 @@ func TestCheckUserCredentials(t *testing.T) {
s := db.NewSession()
defer s.Close()
_, err := CheckUserCredentials(s, &Login{Username: "user1@example.com", Password: "1234"})
_, err := CheckUserCredentials(s, &Login{Username: "user1@example.com", Password: "12345678"})
require.NoError(t, err)
})
}
@ -308,7 +308,7 @@ func TestUpdateUser(t *testing.T) {
Email: "testing@example.com",
}, false)
require.NoError(t, err)
assert.Equal(t, "$2a$14$dcadBoMBL9jQoOcZK8Fju.cy0Ptx2oZECkKLnaa8ekRoTFe1w7To.", uuser.Password) // Password should not change
assert.Equal(t, "$2a$04$X4aRMEt0ytgPwMIgv36cI..7X9.nhY/.tYwxpqSi0ykRHx2CwQ0S6", uuser.Password) // Password should not change
assert.Equal(t, "user1", uuser.Username) // Username should not change either
})
t.Run("change username", func(t *testing.T) {
@ -321,7 +321,7 @@ func TestUpdateUser(t *testing.T) {
Username: "changedname",
}, false)
require.NoError(t, err)
assert.Equal(t, "$2a$14$dcadBoMBL9jQoOcZK8Fju.cy0Ptx2oZECkKLnaa8ekRoTFe1w7To.", uuser.Password) // Password should not change
assert.Equal(t, "$2a$04$X4aRMEt0ytgPwMIgv36cI..7X9.nhY/.tYwxpqSi0ykRHx2CwQ0S6", uuser.Password) // Password should not change
assert.Equal(t, "changedname", uuser.Username)
})
t.Run("nonexistant", func(t *testing.T) {