summaryrefslogtreecommitdiff
path: root/lib/VNDB/Util/Auth.pm
diff options
context:
space:
mode:
authorYorhel <git@yorhel.nl>2011-08-22 10:04:39 +0200
committerYorhel <git@yorhel.nl>2011-08-22 10:04:39 +0200
commitaf7dec7a5e74137c6236364bbab6184f1e971954 (patch)
tree451fc215cd8b6d3e6e421942bcdc11b23425b7a7 /lib/VNDB/Util/Auth.pm
parent3e50a783a073ba8359b221f7d9a8071e23ade967 (diff)
Removed support for pre-2.6 passwords
Users who haven't logged in since 2009-08-09 will find that their passwords have been reset. They need to use the password recovery feature before logging in again.
Diffstat (limited to 'lib/VNDB/Util/Auth.pm')
-rw-r--r--lib/VNDB/Util/Auth.pm10
1 files changed, 1 insertions, 9 deletions
diff --git a/lib/VNDB/Util/Auth.pm b/lib/VNDB/Util/Auth.pm
index 89807bef..06ed1984 100644
--- a/lib/VNDB/Util/Auth.pm
+++ b/lib/VNDB/Util/Auth.pm
@@ -5,7 +5,6 @@ package VNDB::Util::Auth;
use strict;
use warnings;
use Exporter 'import';
-use Digest::MD5 'md5_hex';
use Digest::SHA qw|sha1_hex sha256_hex|;
use Time::HiRes;
use Encode 'encode_utf8';
@@ -101,19 +100,12 @@ sub _authCheck {
return 0 if !$user || length($user) > 15 || length($user) < 2 || !$pass;
my $d = $self->dbUserGet(username => $user, what => 'extended notifycount')->[0];
- return 0 if !$d->{id};
+ return 0 if !$d->{id} || $d->{salt} =~ /^ *$/;
if(_authEncryptPass($self, $pass, $d->{salt}) eq $d->{passwd}) {
$self->{_auth} = $d;
return 1;
}
- if(md5_hex($pass) eq $d->{passwd}) {
- $self->{_auth} = $d;
- my %o;
- ($o{passwd}, $o{salt}) = authPreparePass($self, $pass);
- $self->dbUserEdit($d->{id}, %o);
- return 1;
- }
return 0;
}