Nemcio/GitBucket
1
0
Fork 0
mirror of https://github.com/gitbucket/gitbucket.git synced 2025-11-06 13:35:50 +01:00
Code Issues Packages Projects Releases Wiki Activity

Encrypt password.

Browse Source
This commit is contained in:
takezoe
2013-06-29 15:13:20 +09:00
parent cd2486344f
commit 10f2cbbc3e
5 changed files with 39 additions and 23 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
src/main/resources/update/1_0.sql
View File

@@ -1,7 +1,7 @@
CREATE TABLE ACCOUNT( CREATE TABLE ACCOUNT(
USER_NAME VARCHAR(100) NOT NULL, USER_NAME VARCHAR(100) NOT NULL,
MAIL_ADDRESS VARCHAR(100) NOT NULL, MAIL_ADDRESS VARCHAR(100) NOT NULL,
PASSWORD VARCHAR(20) NOT NULL, PASSWORD VARCHAR(40) NOT NULL,
ADMINISTRATOR BOOLEAN NOT NULL, ADMINISTRATOR BOOLEAN NOT NULL,
URL VARCHAR(200), URL VARCHAR(200),
REGISTERED_DATE TIMESTAMP NOT NULL, REGISTERED_DATE TIMESTAMP NOT NULL,
@@ -10,8 +10,8 @@ CREATE TABLE ACCOUNT(
); );
CREATE TABLE REPOSITORY( CREATE TABLE REPOSITORY(
REPOSITORY_NAME VARCHAR(100) NOT NULL,
USER_NAME VARCHAR(100) NOT NULL, USER_NAME VARCHAR(100) NOT NULL,
REPOSITORY_NAME VARCHAR(100) NOT NULL,
PRIVATE BOOLEAN NOT NULL, PRIVATE BOOLEAN NOT NULL,
DESCRIPTION TEXT, DESCRIPTION TEXT,
DEFAULT_BRANCH VARCHAR(100), DEFAULT_BRANCH VARCHAR(100),
@@ -21,8 +21,8 @@ CREATE TABLE REPOSITORY(
); );
CREATE TABLE COLLABORATOR( CREATE TABLE COLLABORATOR(
REPOSITORY_NAME VARCHAR(100) NOT NULL,
USER_NAME VARCHAR(100) NOT NULL, USER_NAME VARCHAR(100) NOT NULL,
REPOSITORY_NAME VARCHAR(100) NOT NULL,
COLLABORATOR_NAME VARCHAR(100) NOT NULL COLLABORATOR_NAME VARCHAR(100) NOT NULL
); );
@@ -85,11 +85,11 @@ CREATE TABLE MILESTONE(
ALTER TABLE ACCOUNT ADD CONSTRAINT IDX_ACCOUNT_PK PRIMARY KEY (USER_NAME); ALTER TABLE ACCOUNT ADD CONSTRAINT IDX_ACCOUNT_PK PRIMARY KEY (USER_NAME);
ALTER TABLE ACCOUNT ADD CONSTRAINT IDX_ACCOUNT_1 UNIQUE (MAIL_ADDRESS); ALTER TABLE ACCOUNT ADD CONSTRAINT IDX_ACCOUNT_1 UNIQUE (MAIL_ADDRESS);
ALTER TABLE REPOSITORY ADD CONSTRAINT IDX_REPOSITORY_PK PRIMARY KEY (REPOSITORY_NAME, USER_NAME); ALTER TABLE REPOSITORY ADD CONSTRAINT IDX_REPOSITORY_PK PRIMARY KEY (USER_NAME, REPOSITORY_NAME);
ALTER TABLE REPOSITORY ADD CONSTRAINT IDX_REPOSITORY_FK0 FOREIGN KEY (USER_NAME) REFERENCES ACCOUNT (USER_NAME); ALTER TABLE REPOSITORY ADD CONSTRAINT IDX_REPOSITORY_FK0 FOREIGN KEY (USER_NAME) REFERENCES ACCOUNT (USER_NAME);
ALTER TABLE COLLABORATOR ADD CONSTRAINT IDX_COLLABORATOR_PK PRIMARY KEY (REPOSITORY_NAME, USER_NAME); ALTER TABLE COLLABORATOR ADD CONSTRAINT IDX_COLLABORATOR_PK PRIMARY KEY (USER_NAME, REPOSITORY_NAME);
ALTER TABLE COLLABORATOR ADD CONSTRAINT IDX_COLLABORATOR_FK0 FOREIGN KEY (REPOSITORY_NAME, USER_NAME) REFERENCES REPOSITORY (REPOSITORY_NAME, USER_NAME); ALTER TABLE COLLABORATOR ADD CONSTRAINT IDX_COLLABORATOR_FK0 FOREIGN KEY (USER_NAME, REPOSITORY_NAME) REFERENCES REPOSITORY (USER_NAME, REPOSITORY_NAME);
ALTER TABLE COLLABORATOR ADD CONSTRAINT IDX_COLLABORATOR_FK1 FOREIGN KEY (COLLABORATOR_NAME) REFERENCES ACCOUNT (USER_NAME); ALTER TABLE COLLABORATOR ADD CONSTRAINT IDX_COLLABORATOR_FK1 FOREIGN KEY (COLLABORATOR_NAME) REFERENCES ACCOUNT (USER_NAME);
ALTER TABLE ISSUE ADD CONSTRAINT IDX_ISSUE_PK PRIMARY KEY (ISSUE_ID, USER_NAME, REPOSITORY_NAME); ALTER TABLE ISSUE ADD CONSTRAINT IDX_ISSUE_PK PRIMARY KEY (ISSUE_ID, USER_NAME, REPOSITORY_NAME);
@@ -125,7 +125,7 @@ INSERT INTO ACCOUNT (
) VALUES ( ) VALUES (
'root', 'root',
'root@localhost', 'root@localhost',
'root', 'dc76e9f0c0006e8f919e0c515c66dbba3982f785',
true, true,
'https://github.com/takezoe/gitbucket', 'https://github.com/takezoe/gitbucket',
SYSDATE, SYSDATE,

5
src/main/scala/app/AccountController.scala
View File

@@ -2,6 +2,7 @@ package app
import service._ import service._
import util.OwnerOnlyAuthenticator import util.OwnerOnlyAuthenticator
import util.StringUtil._
import jp.sf.amateras.scalatra.forms._ import jp.sf.amateras.scalatra.forms._
class AccountController extends AccountControllerBase class AccountController extends AccountControllerBase
@@ -46,7 +47,7 @@ trait AccountControllerBase extends ControllerBase {
val userName = params("userName") val userName = params("userName")
getAccountByUserName(userName).map { account => getAccountByUserName(userName).map { account =>
updateAccount(account.copy( updateAccount(account.copy(
password = form.password.getOrElse(account.password), password = form.password.map(encrypt).getOrElse(account.password),
mailAddress = form.mailAddress, mailAddress = form.mailAddress,
url = form.url)) url = form.url))
redirect("/%s".format(userName)) redirect("/%s".format(userName))
@@ -61,7 +62,7 @@ trait AccountControllerBase extends ControllerBase {
post("/register", newForm){ newForm => post("/register", newForm){ newForm =>
if(loadSystemSettings().allowAccountRegistration){ if(loadSystemSettings().allowAccountRegistration){
createAccount(newForm.userName, newForm.password, newForm.mailAddress, false, newForm.url) createAccount(newForm.userName, encrypt(newForm.password), newForm.mailAddress, false, newForm.url)
redirect("/signin") redirect("/signin")
} else NotFound } else NotFound
} }

5
src/main/scala/app/SignInController.scala
View File

@@ -1,6 +1,7 @@
package app package app
import service._ import service._
import util.StringUtil._
import jp.sf.amateras.scalatra.forms._ import jp.sf.amateras.scalatra.forms._
class SignInController extends SignInControllerBase with SystemSettingsService with AccountService class SignInController extends SignInControllerBase with SystemSettingsService with AccountService
@@ -16,7 +17,7 @@ trait SignInControllerBase extends ControllerBase { self: SystemSettingsService
get("/signin"){ get("/signin"){
val queryString = request.getQueryString val queryString = request.getQueryString
if(queryString.startsWith("/")){ if(queryString != null && queryString.startsWith("/")){
session.setAttribute("REDIRECT", queryString) session.setAttribute("REDIRECT", queryString)
} }
html.signin(loadSystemSettings()) html.signin(loadSystemSettings())
@@ -24,7 +25,7 @@ trait SignInControllerBase extends ControllerBase { self: SystemSettingsService
post("/signin", form){ form => post("/signin", form){ form =>
val account = getAccountByUserName(form.userName) val account = getAccountByUserName(form.userName)
if(account.isEmpty || account.get.password != form.password){ if(account.isEmpty || account.get.password != encrypt(form.password)){
redirect("/signin") redirect("/signin")
} else { } else {
session.setAttribute("LOGIN_ACCOUNT", account.get) session.setAttribute("LOGIN_ACCOUNT", account.get)

27
src/main/scala/app/UserManagementController.scala
View File

@@ -1,31 +1,32 @@
package app package app
import model._
import service._ import service._
import util.AdminOnlyAuthenticator import util.AdminOnlyAuthenticator
import util.StringUtil._
import jp.sf.amateras.scalatra.forms._ import jp.sf.amateras.scalatra.forms._
class UserManagementController extends UserManagementControllerBase with AccountService with AdminOnlyAuthenticator class UserManagementController extends UserManagementControllerBase with AccountService with AdminOnlyAuthenticator
trait UserManagementControllerBase extends ControllerBase { self: AccountService with AdminOnlyAuthenticator => trait UserManagementControllerBase extends ControllerBase { self: AccountService with AdminOnlyAuthenticator =>
case class UserForm(userName: String, password: String, mailAddress: String, isAdmin: Boolean, url: Option[String]) case class UserNewForm(userName: String, password: String, mailAddress: String, isAdmin: Boolean, url: Option[String])
case class UserEditForm(userName: String, password: Option[String], mailAddress: String, isAdmin: Boolean, url: Option[String])
val newForm = mapping( val newForm = mapping(
"userName" -> trim(label("Username" , text(required, maxlength(100), identifier, unique))), "userName" -> trim(label("Username" , text(required, maxlength(100), identifier, unique))),
"password" -> trim(label("Password" , text(required, maxlength(100)))), "password" -> trim(label("Password" , text(required, maxlength(20)))),
"mailAddress" -> trim(label("Mail Address" , text(required, maxlength(100)))), "mailAddress" -> trim(label("Mail Address" , text(required, maxlength(100)))),
"isAdmin" -> trim(label("User Type" , boolean())), "isAdmin" -> trim(label("User Type" , boolean())),
"url" -> trim(label("URL" , optional(text(maxlength(200))))) "url" -> trim(label("URL" , optional(text(maxlength(200)))))
)(UserForm.apply) )(UserNewForm.apply)
val editForm = mapping( val editForm = mapping(
"userName" -> trim(label("Username" , text(required, maxlength(100), identifier))), "userName" -> trim(label("Username" , text(required, maxlength(100), identifier))),
"password" -> trim(label("Password" , text(required, maxlength(100)))), "password" -> trim(label("Password" , optional(text(maxlength(20))))),
"mailAddress" -> trim(label("Mail Address" , text(required, maxlength(100)))), "mailAddress" -> trim(label("Mail Address" , text(required, maxlength(100)))),
"isAdmin" -> trim(label("User Type" , boolean())), "isAdmin" -> trim(label("User Type" , boolean())),
"url" -> trim(label("URL" , optional(text(maxlength(200))))) "url" -> trim(label("URL" , optional(text(maxlength(200)))))
)(UserForm.apply) )(UserEditForm.apply)
get("/admin/users")(adminOnly { get("/admin/users")(adminOnly {
admin.html.userlist(getAllUsers()) admin.html.userlist(getAllUsers())
@@ -36,7 +37,7 @@ trait UserManagementControllerBase extends ControllerBase { self: AccountService
}) })
post("/admin/users/_new", newForm)(adminOnly { form => post("/admin/users/_new", newForm)(adminOnly { form =>
createAccount(form.userName, form.password, form.mailAddress, form.isAdmin, form.url) createAccount(form.userName, encrypt(form.password), form.mailAddress, form.isAdmin, form.url)
redirect("/admin/users") redirect("/admin/users")
}) })
@@ -47,13 +48,15 @@ trait UserManagementControllerBase extends ControllerBase { self: AccountService
post("/admin/users/:name/_edit", editForm)(adminOnly { form => post("/admin/users/:name/_edit", editForm)(adminOnly { form =>
val userName = params("userName") val userName = params("userName")
updateAccount(getAccountByUserName(userName).get.copy( getAccountByUserName(userName).map { account =>
password = form.password, updateAccount(getAccountByUserName(userName).get.copy(
password = form.password.map(encrypt).getOrElse(account.password),
mailAddress = form.mailAddress, mailAddress = form.mailAddress,
isAdmin = form.isAdmin, isAdmin = form.isAdmin,
url = form.url)) url = form.url))
redirect("/admin/users") redirect("/admin/users")
} getOrElse NotFound
}) })
private def unique: Constraint = new Constraint(){ private def unique: Constraint = new Constraint(){

11
src/main/scala/util/StringUtil.scala Normal file
View File

@@ -0,0 +1,11 @@
package util
object StringUtil {
def encrypt(value: String): String = {
val md = java.security.MessageDigest.getInstance("SHA-1")
md.update(value.getBytes)
md.digest.map(b => "%02x".format(b)).mkString
}
}