jenkins-bot has submitted this change and it was merged.
Change subject: Avoid DB_MASTER use on password checks and defer password
upgrades
......................................................................
Avoid DB_MASTER use on password checks and defer password upgrades
Change-Id: Iceaafa31a5d8efcd9881b8a4a5c0e2aca1b1447c
---
M includes/auth/LocalPasswordPrimaryAuthenticationProvider.php
1 file changed, 17 insertions(+), 10 deletions(-)
Approvals:
Anomie: Looks good to me, approved
Catrope: Looks good to me, but someone else must approve
jenkins-bot: Verified
diff --git a/includes/auth/LocalPasswordPrimaryAuthenticationProvider.php
b/includes/auth/LocalPasswordPrimaryAuthenticationProvider.php
index bbc6e8d..88df68d 100644
--- a/includes/auth/LocalPasswordPrimaryAuthenticationProvider.php
+++ b/includes/auth/LocalPasswordPrimaryAuthenticationProvider.php
@@ -88,8 +88,8 @@
'user_id', 'user_password', 'user_password_expires',
];
- $dbw = wfGetDB( DB_MASTER );
- $row = $dbw->selectRow(
+ $dbr = wfGetDB( DB_REPLICA );
+ $row = $dbr->selectRow(
'user',
$fields,
[ 'user_name' => $username ],
@@ -99,6 +99,7 @@
return AuthenticationResponse::newAbstain();
}
+ $oldRow = clone $row;
// Check for *really* old password hashes that don't even have
a type
// The old hash format was just an md5 hex hash, with no type
information
if ( preg_match( '/^[0-9a-f]{32}$/', $row->user_password ) ) {
@@ -132,12 +133,18 @@
// @codeCoverageIgnoreStart
if ( $this->getPasswordFactory()->needsUpdate( $pwhash ) ) {
$pwhash =
$this->getPasswordFactory()->newFromPlaintext( $req->password );
- $dbw->update(
- 'user',
- [ 'user_password' => $pwhash->toString() ],
- [ 'user_id' => $row->user_id ],
- __METHOD__
- );
+ \DeferredUpdates::addCallableUpdate( function () use (
$pwhash, $oldRow ) {
+ $dbw = wfGetDB( DB_MASTER );
+ $dbw->update(
+ 'user',
+ [ 'user_password' =>
$pwhash->toString() ],
+ [
+ 'user_id' => $oldRow->user_id,
+ 'user_password' =>
$oldRow->user_password
+ ],
+ __METHOD__
+ );
+ } );
}
// @codeCoverageIgnoreEnd
@@ -152,8 +159,8 @@
return false;
}
- $dbw = wfGetDB( DB_MASTER );
- $row = $dbw->selectRow(
+ $dbr = wfGetDB( DB_REPLICA );
+ $row = $dbr->selectRow(
'user',
[ 'user_password' ],
[ 'user_name' => $username ],
--
To view, visit https://gerrit.wikimedia.org/r/312546
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings
Gerrit-MessageType: merged
Gerrit-Change-Id: Iceaafa31a5d8efcd9881b8a4a5c0e2aca1b1447c
Gerrit-PatchSet: 1
Gerrit-Project: mediawiki/core
Gerrit-Branch: master
Gerrit-Owner: Aaron Schulz <[email protected]>
Gerrit-Reviewer: Anomie <[email protected]>
Gerrit-Reviewer: Catrope <[email protected]>
Gerrit-Reviewer: Dpatrick <[email protected]>
Gerrit-Reviewer: jenkins-bot <>
_______________________________________________
MediaWiki-commits mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
