verdnatura-mirror
/
loopback
mirror of https://github.com/strongloop/loopback.git
0
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

handle $2b$ in hashed password check 

bcrypt made $2b$ the default in bcrypt 2.0.0
This commit is contained in:
Sylvain Dumont 2019-02-23 16:14:24 +01:00 committed by GitHub
parent 1e33ec596f
commit 4226da5fc4
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
common/models/user.js
View File

@ -1089,7 +1089,7 @@ module.exports = function(User) {
if (typeof plain !== 'string') { if (typeof plain !== 'string') {
return; return;
} }
if (plain.indexOf('$2a$') === 0 && plain.length === 60) { if ((plain.indexOf('$2a$') === 0 || plain.indexOf('$2b$') === 0) && plain.length === 60) {
// The password is already hashed. It can be the case // The password is already hashed. It can be the case
// when the instance is loaded from DB // when the instance is loaded from DB
this.$password = plain; this.$password = plain;