From a797494aa3c44e3ca2894c32858dc221997ccb44 Mon Sep 17 00:00:00 2001 From: Andy Hsu Date: Mon, 7 Aug 2023 18:51:54 +0800 Subject: [PATCH] fix: missed update user's password --- internal/model/user.go | 2 +- server/handles/auth.go | 2 +- server/handles/user.go | 8 +++++++- 3 files changed, 9 insertions(+), 3 deletions(-) diff --git a/internal/model/user.go b/internal/model/user.go index a7236135..b528bf59 100644 --- a/internal/model/user.go +++ b/internal/model/user.go @@ -22,7 +22,7 @@ type User struct { Username string `json:"username" gorm:"unique" binding:"required"` // username PwdHash string `json:"-"` // password hash Salt string // unique salt - Password string `json:"-"` // Deprecated password + Password string `json:"password"` // password BasePath string `json:"base_path"` // base path Role int `json:"role"` // user's role Disabled bool `json:"disabled"` diff --git a/server/handles/auth.go b/server/handles/auth.go index 235a575e..37ae736c 100644 --- a/server/handles/auth.go +++ b/server/handles/auth.go @@ -115,7 +115,7 @@ func UpdateCurrent(c *gin.Context) { user := c.MustGet("user").(*model.User) user.Username = req.Username if req.Password != "" { - user.Password = req.Password + user.SetPassword(req.Password) } user.SsoID = req.SsoID if err := op.UpdateUser(user); err != nil { diff --git a/server/handles/user.go b/server/handles/user.go index b06b4254..2220648f 100644 --- a/server/handles/user.go +++ b/server/handles/user.go @@ -39,6 +39,8 @@ func CreateUser(c *gin.Context) { common.ErrorStrResp(c, "admin or guest user can not be created", 400, true) return } + req.SetPassword(req.Password) + req.Password = "" if err := op.CreateUser(&req); err != nil { common.ErrorResp(c, err, 500, true) } else { @@ -62,7 +64,11 @@ func UpdateUser(c *gin.Context) { return } if req.Password == "" { - req.Password = user.Password + req.PwdHash = user.PwdHash + req.Salt = user.Salt + } else { + req.SetPassword(req.Password) + req.Password = "" } if req.OtpSecret == "" { req.OtpSecret = user.OtpSecret