Fix resetting password
This commit is contained in:
parent
c2d1c705ac
commit
93cfc4da05
3 changed files with 4 additions and 4 deletions
|
@ -244,7 +244,7 @@ func resetAccount(mailServer string, resetSalt string, email []byte) error {
|
|||
return nil
|
||||
}
|
||||
|
||||
func confirmResetAccount(resetSalt string, id int, key string) (string, error) {
|
||||
func confirmResetAccount(resetSalt string, passwordSalt string, id int, key string) (string, error) {
|
||||
if db == nil {
|
||||
return "", nil
|
||||
} else if id == 0 {
|
||||
|
@ -282,7 +282,7 @@ func confirmResetAccount(resetSalt string, id int, key string) (string, error) {
|
|||
|
||||
newPassword := randomAlphanumeric(7)
|
||||
|
||||
passwordHash, err := argon2id.CreateHash(newPassword, passwordArgon2id)
|
||||
passwordHash, err := argon2id.CreateHash(newPassword+passwordSalt, passwordArgon2id)
|
||||
if err != nil {
|
||||
return "", err
|
||||
}
|
||||
|
|
|
@ -27,7 +27,7 @@ func resetAccount(mailServer string, resetSalt string, email []byte) error {
|
|||
return nil
|
||||
}
|
||||
|
||||
func confirmResetAccount(resetSalt string, id int, key string) (string, error) {
|
||||
func confirmResetAccount(resetSalt string, passwordSalt string, id int, key string) (string, error) {
|
||||
return "", nil
|
||||
}
|
||||
|
||||
|
|
|
@ -148,7 +148,7 @@ func (s *server) handleResetPassword(w http.ResponseWriter, r *http.Request) {
|
|||
}
|
||||
key := vars["key"]
|
||||
|
||||
newPassword, err := confirmResetAccount(s.resetSalt, id, key)
|
||||
newPassword, err := confirmResetAccount(s.resetSalt, s.passwordSalt, id, key)
|
||||
if err != nil {
|
||||
log.Printf("failed to reset password: %s", err)
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue