External/ergo
1
0
Fork 1
mirror of https://github.com/ergochat/ergo.git synced 2025-12-20 02:00:11 -08:00
Code Issues Projects Releases Packages Wiki Activity Actions

Upgrade password hashing.

Browse source 
Previously, we generated and prepended a long salt before generating
password hashes. This resulted in the hash verification cutting off long
before it should do. This form of salting is also not necessary with
bcrypt as it's provided by the password hashing and verification
functions themselves, so totally rip it out.

This commit also adds the functionality for the server to automagically
upgrade users to use the new hashing system, which means better
security and more assurance that people can't bruteforce passwords.

No need to apply a database upgrade to do this, whoo! \o/
This commit is contained in:
Daniel Oaks 2018-04-01 17:12:41 +10:00 committed by Shivaram Lingamneni
parent a72de2f4d2
commit 6260869068
3 changed files with 63 additions and 20 deletions
Download patch file Download diff file Expand all files Collapse all files

13
irc/errors.go
View file

@ -10,17 +10,18 @@ import "errors"
// Runtime Errors
var (
errAccountAlreadyRegistered = errors.New("Account already exists")
errAccountAlreadyVerified = errors.New("Account is already verified")
errAccountCantDropPrimaryNick = errors.New("Can't unreserve primary nickname")
errAccountCreation = errors.New("Account could not be created")
errAccountCredUpdate = errors.New("Could not update password hash to new method")
errAccountDoesNotExist = errors.New("Account does not exist")
errAccountInvalidCredentials = errors.New("Invalid account credentials")
errAccountNickReservationFailed = errors.New("Could not (un)reserve nick")
errAccountNotLoggedIn = errors.New("You're not logged into an account")
errAccountTooManyNicks = errors.New("Account has too many reserved nicks")
errAccountUnverified = errors.New("Account is not yet verified")
errAccountVerificationFailed = errors.New("Account verification failed")
errAccountVerificationInvalidCode = errors.New("Invalid account verification code")
errAccountUnverified = errors.New("Account is not yet verified")
errAccountAlreadyVerified = errors.New("Account is already verified")
errAccountInvalidCredentials = errors.New("Invalid account credentials")
errAccountTooManyNicks = errors.New("Account has too many reserved nicks")
errAccountNickReservationFailed = errors.New("Could not (un)reserve nick")
errAccountCantDropPrimaryNick = errors.New("Can't unreserve primary nickname")
errAccountUpdateFailed = errors.New("Error while updating your account information")
errCallbackFailed = errors.New("Account verification could not be sent")
errCertfpAlreadyExists = errors.New("An account already exists with your certificate")