Skip to content
This repository

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse code

Re-hash password to bcrypt upon successful login.

  • Loading branch information...
commit d78647647b87673faabb8252c1749239ff05e890 1 parent ec1260f
Phil Hagelberg authored March 08, 2012

Showing 1 changed file with 4 additions and 0 deletions. Show diff stats Hide diff stats

  1. 4  src/clojars/web/login.clj
4  src/clojars/web/login.clj
@@ -26,5 +26,9 @@
26 26
 (defn login [{username "user" password "password"}]
27 27
   (if-let [user (auth-user username password)]
28 28
     (let [response (redirect "/")]
  29
+      ;; presence of salt indicates sha1'd password, so re-hash to bcrypt
  30
+      (when (not (empty? (:salt user "")))
  31
+        (update-user (:user user) (:email user) (:user user)
  32
+                     password (:ssh_key user)))
29 33
       (assoc-in response [:session :account] (:user user)))
30 34
     (login-form "Incorrect username or password.")))

0 notes on commit d786476

Please sign in to comment.
Something went wrong with that request. Please try again.