Nosial/socialbox-php
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Fix password hash assignment and update timestamp format in PasswordManager

Browse source
This commit is contained in:
netkas 2025-03-28 15:01:13 -04:00
parent 8046b8a8a2
commit be25ea49f9
Signed by: netkas
GPG key ID: 4D8629441B76E4CC
3 changed files with 8 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
src/Socialbox/Managers/PasswordManager.php
View file

@ -122,7 +122,7 @@
try try
{ {
$stmt = Database::getConnection()->prepare("UPDATE authentication_passwords SET hash=:hash, updated=:updated WHERE peer_uuid=:peer_uuid"); $stmt = Database::getConnection()->prepare("UPDATE authentication_passwords SET hash=:hash, updated=:updated WHERE peer_uuid=:peer_uuid");
$updated = (new DateTime())->setTimestamp(time()); $updated = (new DateTime())->setTimestamp(time())->format('Y-m-d H:i:s');
$stmt->bindParam(':hash', $securedPassword); $stmt->bindParam(':hash', $securedPassword);
$stmt->bindParam(':updated', $updated); $stmt->bindParam(':updated', $updated);
$stmt->bindParam(':peer_uuid', $peerUuid); $stmt->bindParam(':peer_uuid', $peerUuid);

2
src/Socialbox/SocialClient.php
View file

@ -1263,7 +1263,7 @@
{ {
if($hash) if($hash)
{ {
$existingPassword = hash('sha512', $password); $existingPassword = hash('sha512', $existingPassword);
$password = Cryptography::hashPassword($password); $password = Cryptography::hashPassword($password);
} }

8
tests/Socialbox/SettingsTest.php
View file

@ -645,7 +645,6 @@
$this->assertTrue($testClient->settingsSetPassword('SecretTestingPassword123')); $this->assertTrue($testClient->settingsSetPassword('SecretTestingPassword123'));
$this->assertTrue($testClient->getSessionState()->isAuthenticated()); $this->assertTrue($testClient->getSessionState()->isAuthenticated());
$signingKeys = [];
$this->expectException(RpcException::class); $this->expectException(RpcException::class);
$this->expectExceptionCode(StandardError::FORBIDDEN->value); $this->expectExceptionCode(StandardError::FORBIDDEN->value);
for($i = 0; $i < 25; $i++) for($i = 0; $i < 25; $i++)
@ -653,7 +652,6 @@
$signingKeypair = Cryptography::generateSigningKeyPair(); $signingKeypair = Cryptography::generateSigningKeyPair();
$signatureUuid = $testClient->settingsAddSignature($signingKeypair->getPublicKey()); $signatureUuid = $testClient->settingsAddSignature($signingKeypair->getPublicKey());
$this->assertNotNull($signatureUuid); $this->assertNotNull($signatureUuid);
$signingKeys[$signatureUuid] = $signingKeypair;
} }
} }
@ -719,6 +717,12 @@
} }
} }
/**
* @throws DatabaseOperationException
* @throws ResolutionException
* @throws CryptographyException
* @throws RpcException
*/
public function testSettingsUpdatePassword(): void public function testSettingsUpdatePassword(): void
{ {
$testClient = Helper::generateRandomClient(COFFEE_DOMAIN, prefix: 'testSettingsAddExceedingSigningKeys'); $testClient = Helper::generateRandomClient(COFFEE_DOMAIN, prefix: 'testSettingsAddExceedingSigningKeys');