Migration: Where Password is Valid with Empty String delete it

6543 · 6543 · commit 867ee87611c0 · 2021-01-08T00:48:28.000+01:00
diff --git a/models/login_source.go b/models/login_source.go
@@ -774,7 +774,7 @@ func UserSignIn(username, password string) (*User, error) {
 					if err = user.SetPassword(password); err != nil {
 						return nil, err
 					}
-					if err := UpdateUserCols(user, "passwd", "passwd_hash_algo", "salt"); err != nil {
+					if err = UpdateUserCols(user, "passwd", "passwd_hash_algo", "salt"); err != nil {
 						return nil, err
 					}
 				}
diff --git a/models/migrations/migrations.go b/models/migrations/migrations.go
@@ -277,6 +277,8 @@ var migrations = []Migration{
 	NewMigration("Add scope and nonce columns to oauth2_grant table", addScopeAndNonceColumnsToOAuth2Grant),
 	// v165 -> v166
 	NewMigration("Convert hook task type from char(16) to varchar(16) and trim the column", convertHookTaskTypeToVarcharAndTrim),
+	// v166 -> v167
+	NewMigration("Where Password is Valid with Empty String delete it", recalculateUserEmptyPWD),
 }
 
 // GetCurrentDBVersion returns the current db version
diff --git a/models/migrations/v166.go b/models/migrations/v166.go
@@ -0,0 +1,115 @@
+// Copyright 2021 The Gitea Authors. All rights reserved.
+// Use of this source code is governed by a MIT-style
+// license that can be found in the LICENSE file.
+
+package migrations
+
+import (
+	"crypto/sha256"
+	"fmt"
+
+	"golang.org/x/crypto/argon2"
+	"golang.org/x/crypto/bcrypt"
+	"golang.org/x/crypto/pbkdf2"
+	"golang.org/x/crypto/scrypt"
+	"xorm.io/builder"
+	"xorm.io/xorm"
+)
+
+func recalculateUserEmptyPWD(x *xorm.Engine) (err error) {
+	const (
+		algoBcrypt = "bcrypt"
+		algoScrypt = "scrypt"
+		algoArgon2 = "argon2"
+		algoPbkdf2 = "pbkdf2"
+	)
+
+	type User struct {
+		ID                 int64  `xorm:"pk autoincr"`
+		Passwd             string `xorm:"NOT NULL"`
+		PasswdHashAlgo     string `xorm:"NOT NULL DEFAULT 'argon2'"`
+		MustChangePassword bool   `xorm:"NOT NULL DEFAULT false"`
+		LoginType          int
+		LoginName          string
+		Type               int
+		Salt               string `xorm:"VARCHAR(10)"`
+	}
+
+	// hashPassword hash password based on algo and salt
+	// state 461406070c
+	hashPassword := func(passwd, salt, algo string) string {
+		var tempPasswd []byte
+
+		switch algo {
+		case algoBcrypt:
+			tempPasswd, _ = bcrypt.GenerateFromPassword([]byte(passwd), bcrypt.DefaultCost)
+			return string(tempPasswd)
+		case algoScrypt:
+			tempPasswd, _ = scrypt.Key([]byte(passwd), []byte(salt), 65536, 16, 2, 50)
+		case algoArgon2:
+			tempPasswd = argon2.IDKey([]byte(passwd), []byte(salt), 2, 65536, 8, 50)
+		case algoPbkdf2:
+			fallthrough
+		default:
+			tempPasswd = pbkdf2.Key([]byte(passwd), []byte(salt), 10000, 50, sha256.New)
+		}
+
+		return fmt.Sprintf("%x", tempPasswd)
+	}
+
+	// ValidatePassword checks if given password matches the one belongs to the user.
+	// state 461406070c, changed since it's not necessary to be time constant
+	ValidatePassword := func(u *User, passwd string) bool {
+		tempHash := hashPassword(passwd, u.Salt, u.PasswdHashAlgo)
+
+		if u.PasswdHashAlgo != algoBcrypt && u.Passwd == tempHash {
+			return true
+		}
+		if u.PasswdHashAlgo == algoBcrypt && bcrypt.CompareHashAndPassword([]byte(u.Passwd), []byte(passwd)) == nil {
+			return true
+		}
+		return false
+	}
+
+	sess := x.NewSession()
+	defer sess.Close()
+
+	const batchSize = 100
+
+	for start := 0; ; start += batchSize {
+		users := make([]*User, 0, batchSize)
+		if err = sess.Limit(batchSize, start).Where(builder.Neq{"passwd": ""}, 0).Find(&users); err != nil {
+			return
+		}
+		if len(users) == 0 {
+			break
+		}
+
+		if err = sess.Begin(); err != nil {
+			return
+		}
+
+		for _, user := range users {
+			if ValidatePassword(user, "") {
+				user.Passwd = ""
+				user.Salt = ""
+				user.PasswdHashAlgo = ""
+				if _, err = sess.ID(user.ID).Cols("passwd", "salt", "passwd_hash_algo").Update(user); err != nil {
+					return err
+				}
+			}
+		}
+
+		if err = sess.Commit(); err != nil {
+			return
+		}
+	}
+
+	// delete salt and algo where password is empty
+	if _, err = sess.Where(builder.Eq{"passwd": ""}.And(builder.Neq{"salt": ""}.Or(builder.Neq{"passwd_hash_algo": ""}))).
+		Cols("salt", "passwd_hash_algo").Update(&User{}); err != nil {
+		return err
+	}
+
+	return sess.Commit()
+}

Original file line number	Diff line number	Diff line change
`@@ -774,7 +774,7 @@ func UserSignIn(username, password string) (*User, error) {`
`774`	`774`	`if err = user.SetPassword(password); err != nil {`
`775`	`775`	`return nil, err`
`776`	`776`	`}`
`777`		`- if err := UpdateUserCols(user, "passwd", "passwd_hash_algo", "salt"); err != nil {`
	`777`	`+ if err = UpdateUserCols(user, "passwd", "passwd_hash_algo", "salt"); err != nil {`
`778`	`778`	`return nil, err`
`779`	`779`	`}`
`780`	`780`	`}`
Original file line number	Diff line number	Diff line change
`@@ -277,6 +277,8 @@ var migrations = []Migration{`
`277`	`277`	`NewMigration("Add scope and nonce columns to oauth2_grant table", addScopeAndNonceColumnsToOAuth2Grant),`
`278`	`278`	`// v165 -> v166`
`279`	`279`	`NewMigration("Convert hook task type from char(16) to varchar(16) and trim the column", convertHookTaskTypeToVarcharAndTrim),`
	`280`	`+ // v166 -> v167`
	`281`	`+ NewMigration("Where Password is Valid with Empty String delete it", recalculateUserEmptyPWD),`
`280`	`282`	`}`
`281`	`283`
`282`	`284`	`// GetCurrentDBVersion returns the current db version`