Add Password Algorithm option to install page (#14701)
Add Password Algorithm option to install page Fix #14674 Co-authored-by: John Olheiser <john.olheiser@gmail.com>
This commit is contained in:
parent
66a148e398
commit
ad43b119a8
5 changed files with 36 additions and 1 deletions
|
@ -56,7 +56,17 @@ const (
|
||||||
algoScrypt = "scrypt"
|
algoScrypt = "scrypt"
|
||||||
algoArgon2 = "argon2"
|
algoArgon2 = "argon2"
|
||||||
algoPbkdf2 = "pbkdf2"
|
algoPbkdf2 = "pbkdf2"
|
||||||
|
)
|
||||||
|
|
||||||
|
// AvailableHashAlgorithms represents the available password hashing algorithms
|
||||||
|
var AvailableHashAlgorithms = []string{
|
||||||
|
algoPbkdf2,
|
||||||
|
algoArgon2,
|
||||||
|
algoScrypt,
|
||||||
|
algoBcrypt,
|
||||||
|
}
|
||||||
|
|
||||||
|
const (
|
||||||
// EmailNotificationsEnabled indicates that the user would like to receive all email notifications
|
// EmailNotificationsEnabled indicates that the user would like to receive all email notifications
|
||||||
EmailNotificationsEnabled = "enabled"
|
EmailNotificationsEnabled = "enabled"
|
||||||
// EmailNotificationsOnMention indicates that the user would like to be notified via email when mentioned.
|
// EmailNotificationsOnMention indicates that the user would like to be notified via email when mentioned.
|
||||||
|
|
|
@ -60,6 +60,8 @@ type InstallForm struct {
|
||||||
DefaultEnableTimetracking bool
|
DefaultEnableTimetracking bool
|
||||||
NoReplyAddress string
|
NoReplyAddress string
|
||||||
|
|
||||||
|
PasswordAlgorithm string
|
||||||
|
|
||||||
AdminName string `binding:"OmitEmpty;AlphaDashDot;MaxSize(30)" locale:"install.admin_name"`
|
AdminName string `binding:"OmitEmpty;AlphaDashDot;MaxSize(30)" locale:"install.admin_name"`
|
||||||
AdminPasswd string `binding:"OmitEmpty;MaxSize(255)" locale:"install.admin_password"`
|
AdminPasswd string `binding:"OmitEmpty;MaxSize(255)" locale:"install.admin_password"`
|
||||||
AdminConfirmPasswd string
|
AdminConfirmPasswd string
|
||||||
|
|
|
@ -205,6 +205,8 @@ default_enable_timetracking = Enable Time Tracking by Default
|
||||||
default_enable_timetracking_popup = Enable time tracking for new repositories by default.
|
default_enable_timetracking_popup = Enable time tracking for new repositories by default.
|
||||||
no_reply_address = Hidden Email Domain
|
no_reply_address = Hidden Email Domain
|
||||||
no_reply_address_helper = Domain name for users with a hidden email address. For example, the username 'joe' will be logged in Git as 'joe@noreply.example.org' if the hidden email domain is set to 'noreply.example.org'.
|
no_reply_address_helper = Domain name for users with a hidden email address. For example, the username 'joe' will be logged in Git as 'joe@noreply.example.org' if the hidden email domain is set to 'noreply.example.org'.
|
||||||
|
password_algorithm = Password Hash Algorithm
|
||||||
|
password_algorithm_helper = Set the password hashing algorithm. Algorithms have differing requirements and strength. `argon2` whilst having good characteristics uses a lot of memory and may be inappropriate for small systems.
|
||||||
|
|
||||||
[home]
|
[home]
|
||||||
uname_holder = Username or Email Address
|
uname_holder = Username or Email Address
|
||||||
|
@ -931,7 +933,7 @@ ext_issues = Ext. Issues
|
||||||
ext_issues.desc = Link to an external issue tracker.
|
ext_issues.desc = Link to an external issue tracker.
|
||||||
|
|
||||||
projects = Projects
|
projects = Projects
|
||||||
projects.desc = Manage issues and pulls in project boards.
|
projects.desc = Manage issues and pulls in project boards.
|
||||||
projects.description = Description (optional)
|
projects.description = Description (optional)
|
||||||
projects.description_placeholder = Description
|
projects.description_placeholder = Description
|
||||||
projects.create = Create Project
|
projects.create = Create Project
|
||||||
|
|
|
@ -66,6 +66,7 @@ func InstallInit(next http.Handler) http.Handler {
|
||||||
"TmplLoadTimes": func() string {
|
"TmplLoadTimes": func() string {
|
||||||
return time.Since(startTime).String()
|
return time.Since(startTime).String()
|
||||||
},
|
},
|
||||||
|
"PasswordHashAlgorithms": models.AvailableHashAlgorithms,
|
||||||
},
|
},
|
||||||
}
|
}
|
||||||
ctx.Req = context.WithContext(req, &ctx)
|
ctx.Req = context.WithContext(req, &ctx)
|
||||||
|
@ -142,6 +143,7 @@ func Install(ctx *context.Context) {
|
||||||
form.DefaultAllowCreateOrganization = setting.Service.DefaultAllowCreateOrganization
|
form.DefaultAllowCreateOrganization = setting.Service.DefaultAllowCreateOrganization
|
||||||
form.DefaultEnableTimetracking = setting.Service.DefaultEnableTimetracking
|
form.DefaultEnableTimetracking = setting.Service.DefaultEnableTimetracking
|
||||||
form.NoReplyAddress = setting.Service.NoReplyAddress
|
form.NoReplyAddress = setting.Service.NoReplyAddress
|
||||||
|
form.PasswordAlgorithm = setting.PasswordHashAlgo
|
||||||
|
|
||||||
middleware.AssignForm(form, ctx.Data)
|
middleware.AssignForm(form, ctx.Data)
|
||||||
ctx.HTML(200, tplInstall)
|
ctx.HTML(200, tplInstall)
|
||||||
|
@ -185,6 +187,8 @@ func InstallPost(ctx *context.Context) {
|
||||||
setting.Database.Charset = form.Charset
|
setting.Database.Charset = form.Charset
|
||||||
setting.Database.Path = form.DbPath
|
setting.Database.Path = form.DbPath
|
||||||
|
|
||||||
|
setting.PasswordHashAlgo = form.PasswordAlgorithm
|
||||||
|
|
||||||
if (setting.Database.Type == "sqlite3") &&
|
if (setting.Database.Type == "sqlite3") &&
|
||||||
len(setting.Database.Path) == 0 {
|
len(setting.Database.Path) == 0 {
|
||||||
ctx.Data["Err_DbPath"] = true
|
ctx.Data["Err_DbPath"] = true
|
||||||
|
@ -380,6 +384,9 @@ func InstallPost(ctx *context.Context) {
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
cfg.Section("security").Key("SECRET_KEY").SetValue(secretKey)
|
cfg.Section("security").Key("SECRET_KEY").SetValue(secretKey)
|
||||||
|
if len(form.PasswordAlgorithm) > 0 {
|
||||||
|
cfg.Section("security").Key("PASSWORD_HASH_ALGO").SetValue(form.PasswordAlgorithm)
|
||||||
|
}
|
||||||
|
|
||||||
err = os.MkdirAll(filepath.Dir(setting.CustomConf), os.ModePerm)
|
err = os.MkdirAll(filepath.Dir(setting.CustomConf), os.ModePerm)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
|
|
@ -267,6 +267,20 @@
|
||||||
<input id="_no_reply_address" name="no_reply_address" value="{{.no_reply_address}}">
|
<input id="_no_reply_address" name="no_reply_address" value="{{.no_reply_address}}">
|
||||||
<span class="help">{{.i18n.Tr "install.no_reply_address_helper"}}</span>
|
<span class="help">{{.i18n.Tr "install.no_reply_address_helper"}}</span>
|
||||||
</div>
|
</div>
|
||||||
|
<div class="inline field">
|
||||||
|
<label for="password_algorithm">{{.i18n.Tr "install.password_algorithm"}}</label>
|
||||||
|
<div class="ui selection dropdown">
|
||||||
|
<input id="password_algorithm" type="hidden" name="password_algorithm" value="{{.password_algorithm}}">
|
||||||
|
<div class="text">{{.password_algorithm}}</div>
|
||||||
|
{{svg "octicon-triangle-down" 14 "dropdown icon"}}
|
||||||
|
<div class="menu">
|
||||||
|
{{range .PasswordHashAlgorithms}}
|
||||||
|
<div class="item" data-value="{{.}}">{{.}}</div>
|
||||||
|
{{end}}
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
<span class="help">{{.i18n.Tr "install.password_algorithm_helper"}}</span>
|
||||||
|
</div>
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue