mirror of
https://github.com/0rangebananaspy/authelia.git
synced 2024-09-14 22:47:21 +07:00
73bd2e4479
* using authelia hash-password if you provide a salt it doesn't encode it as a base64 string * this causes invalid salts to be stored if a user manually provided one instead of reliance on the automatic generation * additionally bumped the minimum required salt length to 8 as per reference spec * additionally removed the maximum salt length as per reference spec (actually 2^32-1 per int32) * see docs: * https://tools.ietf.org/html/draft-irtf-cfrg-argon2-10 * https://github.com/P-H-C/phc-winner-argon2 * https://github.com/P-H-C/phc-string-format * encode all salts * fix edge case of false positive in CheckPassword * bump crypt version and fix tests |
||
---|---|---|
.. | ||
const.go | ||
file_user_provider_test.go | ||
file_user_provider.go | ||
ldap_connection_factory_mock.go | ||
ldap_connection_factory.go | ||
ldap_user_provider_test.go | ||
ldap_user_provider.go | ||
password_hash_test.go | ||
password_hash.go | ||
types.go | ||
user_provider.go |