TeamPiped-mirror/Piped-Backend
1
0
Fork 0
mirror of https://github.com/TeamPiped/Piped-Backend.git synced 2024-08-14 23:51:41 +00:00
Code Issues Projects Releases Packages Wiki Activity

Add support for legacy bcrypt hashes from Invidious

Browse source
This commit is contained in:
FireMasterK 2021-10-03 09:02:01 +01:00
parent cc3976b454
commit 08aeefa099
No known key found for this signature in database
GPG key ID: 49451E4482CC5BCD
1 changed files with 15 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

18
src/main/java/me/kavin/piped/utils/ResponseHelper.java
View file

@ -55,6 +55,7 @@ import org.schabi.newpipe.extractor.stream.StreamInfo;
import org.schabi.newpipe.extractor.stream.StreamInfoItem;
import org.schabi.newpipe.extractor.stream.StreamType;
import org.springframework.security.crypto.argon2.Argon2PasswordEncoder;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import com.fasterxml.jackson.core.JsonProcessingException;
import com.github.benmanes.caffeine.cache.Caffeine;
@ -559,6 +560,8 @@ public class ResponseHelper {
}
private static final BCryptPasswordEncoder bcryptPasswordEncoder = new BCryptPasswordEncoder();
public static final byte[] loginResponse(String user, String pass)
throws IOException, NoSuchAlgorithmException, InvalidKeySpecException {
@ -575,9 +578,18 @@ public class ResponseHelper {
User dbuser = s.createQuery(cr).uniqueResult();
if (dbuser != null && argon2PasswordEncoder.matches(pass, dbuser.getPassword())) {
s.close();
return Constants.mapper.writeValueAsBytes(new LoginResponse(dbuser.getSessionId()));
String hash = dbuser.getPassword();
if (dbuser != null) {
if (hash.startsWith("$argon2") && argon2PasswordEncoder.matches(pass, hash)) {
s.close();
return Constants.mapper.writeValueAsBytes(new LoginResponse(dbuser.getSessionId()));
}
if (bcryptPasswordEncoder.matches(pass, hash)) {
s.close();
return Constants.mapper.writeValueAsBytes(new LoginResponse(dbuser.getSessionId()));
}
}
s.close();