rudder icon indicating copy to clipboard operation
rudder copied to clipboard
verified publisher icon Normation

Fixes #26996: Add argon2id support for local hash

Open amousset opened this issue 7 months ago • 10 comments

https://issues.rudder.io/issues/26996

  • The way the migration currently works prevent users from modifying the hash algorithm used for new passwords as the value is overridden at each file load. I just updated the tests to hardcoded argon2id value instead of bcrypt as it should be transparent for users.
  • Removing verifyHash which does not appear to be used, and I don't see any reason to do this kind of check.
  • Improved a bit the tests. Especially check that wrong passwords are not accepted.
  • Centralize configuration values in PasswordEncoderType.

amousset avatar May 28 '25 22:05 amousset

PR updated with a new commit

amousset avatar May 30 '25 14:05 amousset

PR updated with a new commit

amousset avatar Jun 03 '25 07:06 amousset

PR updated with a new commit

amousset avatar Jun 18 '25 07:06 amousset

PR updated with a new commit

amousset avatar Jun 18 '25 12:06 amousset

PR updated with a new commit

amousset avatar Jun 18 '25 13:06 amousset

PR updated with a new commit

amousset avatar Jun 18 '25 14:06 amousset

PR updated with a new commit

amousset avatar Jun 18 '25 14:06 amousset

PR updated with a new commit

amousset avatar Jun 18 '25 14:06 amousset

PR updated with a new commit

amousset avatar Jun 18 '25 14:06 amousset

PR updated with a new commit

amousset avatar Jun 18 '25 14:06 amousset

PR updated with a new commit

amousset avatar Jun 22 '25 23:06 amousset

PR updated with a new commit

amousset avatar Jun 23 '25 06:06 amousset

PR updated with a new commit

amousset avatar Jun 23 '25 07:06 amousset

PR updated with a new commit

amousset avatar Jun 24 '25 15:06 amousset

PR updated with a new commit

amousset avatar Jun 24 '25 15:06 amousset

PR updated with a new commit

amousset avatar Jun 24 '25 16:06 amousset

PR updated with a new commit

amousset avatar Jun 24 '25 17:06 amousset

PR updated with a new commit

amousset avatar Jun 24 '25 17:06 amousset

PR updated with a new commit

amousset avatar Jun 24 '25 21:06 amousset

PR updated with a new commit

amousset avatar Jun 25 '25 18:06 amousset

PR updated with a new commit

amousset avatar Jun 25 '25 20:06 amousset

PR updated with a new commit

amousset avatar Jun 25 '25 21:06 amousset

PR updated with a new commit

amousset avatar Jun 26 '25 10:06 amousset

PR updated with a new commit

amousset avatar Jun 26 '25 10:06 amousset

LGTM, appart the magnitude factor in the memory parameter in argon algo

fanf avatar Jun 26 '25 10:06 fanf

PR updated with a new commit

amousset avatar Jun 26 '25 13:06 amousset

PR updated with a new commit

amousset avatar Jun 26 '25 13:06 amousset

OK, squash merging this PR

Normation-Quality-Assistant avatar Jun 26 '25 15:06 Normation-Quality-Assistant