Revision 0a3ba8ac
| ID | 0a3ba8aca91622feaf6f690fa1ebe266ef653bc7 |
| Parent | 91bb9315 |
| Child | 2e8dc65f |
Bug #2503: Improve setting of password/auth_driver
UserChangePassword followed this strategy:
a1. Eventually encrypt user password if the users
auth_driver is CORE_AUTH
a2. Set (probably encrypted) password with
User::set_password
a3. User::set_password tries to validate (probably
encrypted) password instead of the raw password
UserChangeAuth did something similar:
b1. If password is given (not empty) do a1 through a3
b2. Set auth_driver
The change proposes the following:
* In set_password:
1. Validate the raw password
2. Do encryption if needed
* In UserChangePassword: simply call set_password
* In UserChangeAuth: set auth_driver before calling
set_password, such that set_password does the right thing
if the auth_driver changes
Note: I needed to move the implementation of set_password
from User.h to User.cc since it seems impossible to access
UserPool::CORE_AUTH from within User.h.
Files
- added
- modified
- copied
- renamed
- deleted