Added settings model, added settings migration, added LDAP salted hashes

2025-11-02 13:39:28 +01:00
parent 0a6413d106
commit 5b5fcd6322
5 changed files with 123 additions and 16 deletions


@@ -69,6 +69,7 @@ public class UsersController : Controller
}
try
{
Task<AdminSettingsModel> settingsTask = _ldap.GetAdminSettingsModelAsync();
string? jpegPhoto = requestModel.JpegPhoto;
string? title = requestModel.Title;
string userPassword = requestModel.UserPassword ?? "";
@@ -79,9 +80,10 @@ public class UsersController : Controller
description ??= new() {Address = new(), BirthDate = "", Workplace = "", Groups = []};
if (!userPassword.StartsWith('{'))
{
AdminSettingsModel settings = await settingsTask;
byte[] passwordBytes = Encoding.UTF8.GetBytes(userPassword);
byte[] hashedPassword = SHA256.HashData(passwordBytes);
userPassword = "{SHA256}" + Convert.ToBase64String(hashedPassword);
byte[] hashedPassword = settings.hashAlgorithm?.ComputeHash(passwordBytes) ?? throw new Exception("Hash algorithm not instantiated yet");
userPassword = $"{{{settings.DefaultHashAlgorithm.ToUpperInvariant()}}}{Convert.ToBase64String(hashedPassword)}";
}
LdapAttributeSet attributeSet =
@@ -115,6 +117,7 @@ public class UsersController : Controller
}
try
{
Task<AdminSettingsModel> settingsTask = _ldap.GetAdminSettingsModelAsync();
string uid = requestModel.Uid;
UserModel? user = null;
if (requestModel.NewUid is not null && requestModel.NewUid.Length > 0)
@@ -136,7 +139,11 @@ public class UsersController : Controller
}
if (requestModel.UserPassword is not null && requestModel.UserPassword.Length > 0)
{
await _ldap.UpdateUser(uid, "userPassword", "{SHA256}" + Convert.ToBase64String(SHA256.HashData(Encoding.UTF8.GetBytes(requestModel.UserPassword))));
AdminSettingsModel settings = await settingsTask;
byte[] passwordBytes = Encoding.UTF8.GetBytes(requestModel.UserPassword);
byte[] hashedPassword = settings.hashAlgorithm?.ComputeHash(passwordBytes) ?? throw new Exception("Hash algorithm not instantiated yet");
requestModel.UserPassword = $"{{{settings.DefaultHashAlgorithm.ToUpperInvariant()}}}{Convert.ToBase64String(hashedPassword)}";
await _ldap.UpdateUser(uid, "userPassword", requestModel.UserPassword);
}
string newUid = uid;
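Review bot: In both password branches (`if (!userPassword.StartsWith('{'))` and the one that calls `_ldap.UpdateUser(uid, "userPassword", …)`) the stored value is the Base64 of `ComputeHash(passwordBytes)` with no salt visible, although the commit title announces salted hashes; unless `settings.hashAlgorithm` is a custom type that generates a salt and appends it to its output, identical passwords will still produce identical `userPassword` values. For a salted LDAP scheme the salt has to be created per password, e.g. `byte[] salt = RandomNumberGenerator.GetBytes(16);`, hashed together with the password bytes, and appended to the digest before Base64 encoding, under a scheme label that matches what the directory server expects. `settings.hashAlgorithm` also appears to be an instance carried on the settings model, and if it is a `System.Security.Cryptography.HashAlgorithm`, concurrent `ComputeHash` calls on one instance are not safe, so a per-call instance or the static `HashData` methods would be the safer choice should the model be cached across requests. The two branches repeat the same three lines and throw a bare `Exception`; one private helper ending in `?? throw new InvalidOperationException("Hash algorithm not instantiated yet")` would keep them in step. Both enclosing methods start and end outside the visible hunks.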