mirror of
https://github.com/0rangebananaspy/authelia.git
synced 2024-09-14 22:47:21 +07:00
73bd2e4479
* using authelia hash-password if you provide a salt it doesn't encode it as a base64 string * this causes invalid salts to be stored if a user manually provided one instead of reliance on the automatic generation * additionally bumped the minimum required salt length to 8 as per reference spec * additionally removed the maximum salt length as per reference spec (actually 2^32-1 per int32) * see docs: * https://tools.ietf.org/html/draft-irtf-cfrg-argon2-10 * https://github.com/P-H-C/phc-winner-argon2 * https://github.com/P-H-C/phc-string-format * encode all salts * fix edge case of false positive in CheckPassword * bump crypt version and fix tests |
||
|---|---|---|
| .. | ||
| authentication_test.go | ||
| authentication.go | ||
| configuration_test.go | ||
| configuration.go | ||
| const.go | ||
| keys_test.go | ||
| keys.go | ||
| notifier_test.go | ||
| notifier.go | ||
| regulation_test.go | ||
| regulation.go | ||
| secrets.go | ||
| server_test.go | ||
| server.go | ||
| session_test.go | ||
| session.go | ||
| storage_test.go | ||
| storage.go | ||
| totp_test.go | ||
| totp.go | ||