github
/
halo
mirror of https://github.com/halo-dev/halo
1
0
Fork 0
Code Issues Releases Wiki Activity

Fix the problem of changing password not exist before (#2493) 

#### What type of PR is this?

/kind bug
/area core
/milestone 2.0

#### What this PR does / why we need it:

Fix the problem of changing password not exist before.

#### Which issue(s) this PR fixes:

Partial Fixes https://github.com/halo-dev/halo/issues/2427

#### Special notes for your reviewer:

Steps to test:

1. Create an user and change his/her password
2. Login with the user and the password

#### Does this PR introduce a user-facing change?

```release-note
None
```
pull/2495/head
John Niang 2022-09-30 10:18:20 +08:00 committed by GitHub
parent e8d00e56f4
commit 79bd55424d
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 11 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
src/main/java/run/halo/app/core/extension/service/UserServiceImpl.java
View File

@ -5,6 +5,7 @@ import static run.halo.app.core.extension.RoleBinding.containsUser;
import java.util.Objects; import java.util.Objects;
import org.springframework.security.crypto.password.PasswordEncoder; import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.stereotype.Service; import org.springframework.stereotype.Service;
import org.springframework.util.StringUtils;
import reactor.core.publisher.Flux; import reactor.core.publisher.Flux;
import reactor.core.publisher.Mono; import reactor.core.publisher.Mono;
import run.halo.app.core.extension.Role; import run.halo.app.core.extension.Role;
@ -42,7 +43,14 @@ public class UserServiceImpl implements UserService {
@Override @Override
public Mono<User> updateWithRawPassword(String username, String rawPassword) { public Mono<User> updateWithRawPassword(String username, String rawPassword) {
return getUser(username) return getUser(username)
.filter(user -> !passwordEncoder.matches(rawPassword, user.getSpec().getPassword())) .filter(user -> {
if (!StringUtils.hasText(user.getSpec().getPassword())) {
// Check if the old password is set before, or the passwordEncoder#matches
// will complain an error due to null password.
return true;
}
return !passwordEncoder.matches(rawPassword, user.getSpec().getPassword());
})
.flatMap(user -> { .flatMap(user -> {
user.getSpec().setPassword(passwordEncoder.encode(rawPassword)); user.getSpec().setPassword(passwordEncoder.encode(rawPassword));
return client.update(user); return client.update(user);

5
src/test/java/run/halo/app/core/extension/service/UserServiceImplTest.java
View File

@ -229,19 +229,18 @@ class UserServiceImplTest {
@Test @Test
void shouldUpdatePasswordIfNoPasswordBefore() { void shouldUpdatePasswordIfNoPasswordBefore() {
var oldUser = createUser(""); var oldUser = createUser(null);
var newUser = createUser("new-password"); var newUser = createUser("new-password");
when(client.get(User.class, "fake-user")).thenReturn(Mono.just(oldUser)); when(client.get(User.class, "fake-user")).thenReturn(Mono.just(oldUser));
when(client.update(oldUser)).thenReturn(Mono.just(newUser)); when(client.update(oldUser)).thenReturn(Mono.just(newUser));
when(passwordEncoder.matches("new-password", "")).thenReturn(false);
when(passwordEncoder.encode("new-password")).thenReturn("encoded-new-password"); when(passwordEncoder.encode("new-password")).thenReturn("encoded-new-password");
StepVerifier.create(userService.updateWithRawPassword("fake-user", "new-password")) StepVerifier.create(userService.updateWithRawPassword("fake-user", "new-password"))
.expectNext(newUser) .expectNext(newUser)
.verifyComplete(); .verifyComplete();
verify(passwordEncoder).matches("new-password", ""); verify(passwordEncoder, never()).matches("new-password", null);
verify(passwordEncoder).encode("new-password"); verify(passwordEncoder).encode("new-password");
verify(client).update(argThat(extension -> { verify(client).update(argThat(extension -> {
var user = (User) extension; var user = (User) extension;