github-mirror/discourse
2
0
Fork 0
mirror of https://github.com/discourse/discourse.git synced 2025-05-31 00:08:53 +08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

DEV: Migrate user passwords data to UserPassword table (#28746)

Browse Source 
* Add migrations to ensure password hash is synced across users & user_passwords

* Persist password-related data in user_passwords instead of users

* Merge User#expire_old_email_tokens with User#expire_tokens_if_password_changed

* Add post deploy migration to mark password-related columns from users table as read-only

* Refactored UserPassword#confirm_password? and changes required to accommodate hashing the password after validations
This commit is contained in:
Kelv
2024-10-10 09:23:06 +08:00
committed by GitHub
parent c1f25cdf5b
commit 32e261ef73
18 changed files with 496 additions and 364 deletions
Download Patch File Download Diff File Expand all files Collapse all files

36
lib/validators/user_password_validator.rb Normal file
View File

@ -0,0 +1,36 @@
# frozen_string_literal: true
class UserPasswordValidator < ActiveModel::EachValidator
def validate_each(record, attribute, value)
return unless record.password_validation_required?
user = record.user
if value.nil?
record.errors.add(attribute, :blank)
elsif value.length < SiteSetting.min_admin_password_length &&
(user.admin? || is_developer?(user.email))
record.errors.add(attribute, :too_short, count: SiteSetting.min_admin_password_length)
elsif value.length < SiteSetting.min_password_length
record.errors.add(attribute, :too_short, count: SiteSetting.min_password_length)
elsif user.username.present? && value == user.username
record.errors.add(attribute, :same_as_username)
elsif user.name.present? && value == user.name
record.errors.add(attribute, :same_as_name)
elsif user.email.present? && value == user.email
record.errors.add(attribute, :same_as_email)
elsif record.password_hash_changed? && record.confirm_password?(value)
record.errors.add(attribute, :same_as_current)
elsif SiteSetting.block_common_passwords && CommonPasswords.common_password?(value)
record.errors.add(attribute, :common)
elsif value.chars.uniq.length < SiteSetting.password_unique_characters
record.errors.add(attribute, :unique_characters)
end
end
private
def is_developer?(value)
Rails.configuration.respond_to?(:developer_emails) &&
Rails.configuration.developer_emails.include?(value)
end
end