Remove client-side password crypto from JS tests#154
Closed
KlausTrainer wants to merge 1 commit intoapache:masterfrom
Closed
Remove client-side password crypto from JS tests#154KlausTrainer wants to merge 1 commit intoapache:masterfrom
KlausTrainer wants to merge 1 commit intoapache:masterfrom
Conversation
This removes client-side password crypto from the JavaScript tests. In some JavaScript tests, it has been assumed that SHA-1 is used for the password hash in user docs. Those tests should, however, not rely on implementation details of the user authentication hash function, as it isn't the goal of those tests to check these. Furthermore, this causes problems when a password scheme is changed, or a new one is introduced. This work clears the way for solving COUCHDB-1780 (upgrade users password hash on login). It will prevent problems with tests that would fail because they'd be relying on an old password scheme when a mechanism for upgrading user docs to a newer password scheme is introduced.
Contributor
Author
|
Closing it. This will be part of #152. |
nickva
pushed a commit
to cloudant/couchdb
that referenced
this pull request
Apr 21, 2017
This closes apache#154 Signed-off-by: ILYA Khlopotov <iilyak@ca.ibm.com>
lag-linaro
pushed a commit
to lag-linaro/couchdb
that referenced
this pull request
Oct 25, 2018
Fix update-deps with certain forms of the {tag, ...} type
janl
pushed a commit
that referenced
this pull request
Jan 5, 2020
nickva
pushed a commit
to nickva/couchdb
that referenced
this pull request
Sep 7, 2022
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This removes client-side password crypto from the JavaScript tests.
In some JavaScript tests, it has been assumed that SHA-1 is used for the
password hash in user docs. Those tests should, however, not rely on
implementation details of the user authentication hash function, as it
isn't the goal of those tests to check these. Furthermore, this causes
problems when a password scheme is changed, or a new one is introduced.
This work clears the way for solving COUCHDB-1780 (upgrade users
password hash on login). It will prevent problems with tests that would
fail because they'd be relying on an old password scheme when a
mechanism for upgrading user docs to a newer password scheme is
introduced.