1
0
Fork 0
mirror of https://github.com/immich-app/immich.git synced 2025-01-07 12:26:47 +01:00

refactor(server): drop salt column (#1185)

This commit is contained in:
Jason Rasmussen 2022-12-26 23:03:14 -05:00 committed by GitHub
parent 0c896d9e59
commit 4e860b024b
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
6 changed files with 20 additions and 25 deletions

View file

@ -21,8 +21,7 @@ export class ResetAdminPasswordCommand extends CommandRunner {
let { password } = await this.inquirer.ask<{ password: string }>('prompt-password', undefined); let { password } = await this.inquirer.ask<{ password: string }>('prompt-password', undefined);
password = password || randomBytes(24).toString('base64').replace(/\W/g, ''); password = password || randomBytes(24).toString('base64').replace(/\W/g, '');
const salt = await bcrypt.genSalt(); const hashedPassword = await bcrypt.hash(password, 10);
const hashedPassword = await bcrypt.hash(password, salt);
const user = await this.userRepository.findOne({ where: { isAdmin: true } }); const user = await this.userRepository.findOne({ where: { isAdmin: true } });
if (!user) { if (!user) {
@ -30,7 +29,6 @@ export class ResetAdminPasswordCommand extends CommandRunner {
return; return;
} }
user.salt = salt;
user.password = hashedPassword; user.password = hashedPassword;
user.shouldChangePassword = true; user.shouldChangePassword = true;

View file

@ -7,24 +7,18 @@ import {
NotFoundException, NotFoundException,
UnauthorizedException, UnauthorizedException,
} from '@nestjs/common'; } from '@nestjs/common';
import { genSalt, hash } from 'bcrypt'; import { hash } from 'bcrypt';
import { createReadStream, constants, ReadStream } from 'fs'; import { createReadStream, constants, ReadStream } from 'fs';
import fs from 'fs/promises'; import fs from 'fs/promises';
import { AuthUserDto } from '../../decorators/auth-user.decorator'; import { AuthUserDto } from '../../decorators/auth-user.decorator';
import { CreateAdminDto, CreateUserDto, CreateUserOAuthDto } from './dto/create-user.dto'; import { CreateAdminDto, CreateUserDto, CreateUserOAuthDto } from './dto/create-user.dto';
import { IUserRepository, UserListFilter } from './user-repository'; import { IUserRepository, UserListFilter } from './user-repository';
const SALT_ROUNDS = 10;
export class UserCore { export class UserCore {
constructor(private userRepository: IUserRepository) {} constructor(private userRepository: IUserRepository) {}
private async generateSalt(): Promise<string> {
return genSalt();
}
private async hashPassword(password: string, salt: string): Promise<string> {
return hash(password, salt);
}
async updateUser(authUser: AuthUserDto, id: string, dto: Partial<UserEntity>): Promise<UserEntity> { async updateUser(authUser: AuthUserDto, id: string, dto: Partial<UserEntity>): Promise<UserEntity> {
if (!(authUser.isAdmin || authUser.id === id)) { if (!(authUser.isAdmin || authUser.id === id)) {
throw new ForbiddenException('You are not allowed to update this user'); throw new ForbiddenException('You are not allowed to update this user');
@ -36,9 +30,7 @@ export class UserCore {
try { try {
if (dto.password) { if (dto.password) {
const salt = await this.generateSalt(); dto.password = await hash(dto.password, SALT_ROUNDS);
dto.salt = salt;
dto.password = await this.hashPassword(dto.password, salt);
} }
return this.userRepository.update(id, dto); return this.userRepository.update(id, dto);
} catch (e) { } catch (e) {
@ -63,9 +55,7 @@ export class UserCore {
try { try {
const payload: Partial<UserEntity> = { ...createUserDto }; const payload: Partial<UserEntity> = { ...createUserDto };
if (payload.password) { if (payload.password) {
const salt = await this.generateSalt(); payload.password = await hash(payload.password, SALT_ROUNDS);
payload.salt = salt;
payload.password = await this.hashPassword(payload.password, salt);
} }
return this.userRepository.create(payload); return this.userRepository.create(payload);
} catch (e) { } catch (e) {

View file

@ -27,7 +27,6 @@ describe('UserService', () => {
id: adminUserAuth.id, id: adminUserAuth.id,
email: 'admin@test.com', email: 'admin@test.com',
password: 'admin_password', password: 'admin_password',
salt: 'admin_salt',
firstName: 'admin_first_name', firstName: 'admin_first_name',
lastName: 'admin_last_name', lastName: 'admin_last_name',
isAdmin: true, isAdmin: true,
@ -42,7 +41,6 @@ describe('UserService', () => {
id: immichUserAuth.id, id: immichUserAuth.id,
email: 'immich@test.com', email: 'immich@test.com',
password: 'immich_password', password: 'immich_password',
salt: 'immich_salt',
firstName: 'immich_first_name', firstName: 'immich_first_name',
lastName: 'immich_last_name', lastName: 'immich_last_name',
isAdmin: false, isAdmin: false,
@ -57,7 +55,6 @@ describe('UserService', () => {
id: immichUserAuth.id, id: immichUserAuth.id,
email: 'immich@test.com', email: 'immich@test.com',
password: 'immich_password', password: 'immich_password',
salt: 'immich_salt',
firstName: 'updated_immich_first_name', firstName: 'updated_immich_first_name',
lastName: 'updated_immich_last_name', lastName: 'updated_immich_last_name',
isAdmin: false, isAdmin: false,

View file

@ -51,7 +51,6 @@ describe('ImmichJwtService', () => {
isAdmin: false, isAdmin: false,
email: 'test@immich.com', email: 'test@immich.com',
password: 'changeme', password: 'changeme',
salt: '123',
oauthId: '', oauthId: '',
profileImagePath: '', profileImagePath: '',
shouldChangePassword: false, shouldChangePassword: false,

View file

@ -21,9 +21,6 @@ export class UserEntity {
@Column({ default: '', select: false }) @Column({ default: '', select: false })
password?: string; password?: string;
@Column({ default: '', select: false })
salt?: string;
@Column({ default: '' }) @Column({ default: '' })
oauthId!: string; oauthId!: string;

View file

@ -0,0 +1,14 @@
import { MigrationInterface, QueryRunner } from "typeorm";
export class DropSaltColumn1672109862870 implements MigrationInterface {
name = 'DropSaltColumn1672109862870'
public async up(queryRunner: QueryRunner): Promise<void> {
await queryRunner.query(`ALTER TABLE "users" DROP COLUMN "salt"`);
}
public async down(queryRunner: QueryRunner): Promise<void> {
await queryRunner.query(`ALTER TABLE "users" ADD "salt" character varying NOT NULL DEFAULT ''`);
}
}