This is an automated email from the ASF dual-hosted git repository.

tianxiaoliang pushed a commit to branch v1.x
in repository https://gitbox.apache.org/repos/asf/servicecomb-service-center.git


The following commit(s) were added to refs/heads/v1.x by this push:
     new 7d1329d  bcrypt has other prefix (#917)
7d1329d is described below

commit 7d1329dafc7e9644188ba32b5dc0d586b19d5280
Author: Shawn <[email protected]>
AuthorDate: Thu Mar 25 21:25:31 2021 +0800

    bcrypt has other prefix (#917)
---
 pkg/privacy/password.go | 12 ++++++++++--
 1 file changed, 10 insertions(+), 2 deletions(-)

diff --git a/pkg/privacy/password.go b/pkg/privacy/password.go
index 66f4ae2..3ffbb0a 100644
--- a/pkg/privacy/password.go
+++ b/pkg/privacy/password.go
@@ -26,7 +26,10 @@ import (
 )
 
 const (
-       algBcrypt = "$2a$"
+       algBcrypt  = "$2a$"
+       algBcrypt2 = "$2b$"
+       algBcrypt3 = "$2x$"
+       algBcrypt4 = "$2y$"
 )
 
 //HashPassword
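Review bot: `algBcrypt3 = "$2x$"` is treated here as just another spelling of bcrypt, but as far as I know that prefix was introduced by crypt_blowfish to mark hashes produced by its old sign-extension bug on 8-bit characters. A standard bcrypt implementation would probably not verify such a hash for a non-ASCII password, and those hashes are weaker than `$2a$`/`$2b$`/`$2y$` ones, so accept the prefix only if stored accounts are known to carry it. The numbered names also hide which variant each constant stands for; something like `algBcrypt2b`, `algBcrypt2x`, `algBcrypt2y` with a comment on the const block (`// bcrypt version prefixes accepted when verifying stored hashes`) would make the accepted set reviewable at a glance.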
@@ -46,7 +49,7 @@ func ScryptPassword(pwd string) (string, error) {
        return string(hash), nil
 }
 func SamePassword(hashedPwd, pwd string) bool {
-       if strings.HasPrefix(hashedPwd, algBcrypt) {
+       if isEncodedByBcrypt(hashedPwd) {
                err := bcrypt.CompareHashAndPassword([]byte(hashedPwd), 
[]byte(pwd))
                if err == bcrypt.ErrMismatchedHashAndPassword {
                        log.Warn("incorrect password attempts")
@@ -60,3 +63,8 @@ func SamePassword(hashedPwd, pwd string) bool {
        return err == nil
 
 }
+func isEncodedByBcrypt(hashedPwd string) bool {
+       return strings.HasPrefix(hashedPwd, algBcrypt) ||
+               strings.HasPrefix(hashedPwd, algBcrypt2) ||
+               strings.HasPrefix(hashedPwd, algBcrypt3) || 
strings.HasPrefix(hashedPwd, algBcrypt4)
+}
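Review bot: `isEncodedByBcrypt` has no doc comment, yet it is now the switch that decides which verifier `SamePassword` runs on a stored hash, so its contract should be spelled out, e.g. `// isEncodedByBcrypt reports whether hashedPwd starts with a known bcrypt version prefix; it does not validate the rest of the hash.` Any stored value that matches none of the four prefixes falls through to the non-bcrypt comparison in `SamePassword`, whose body lies outside this hunk, so a missed variant fails closed only if that path rejects it. The chained `strings.HasPrefix` calls would also read better as a loop over a package-level `[]string` of prefixes, which keeps the accepted list in one place when another variant is added.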
