jeirmeister/Cockatrice
1
0
Fork 0
mirror of https://github.com/Cockatrice/Cockatrice.git synced 2026-06-15 03:28:49 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

use hashed passwords in all commands (#4493)

Browse source 
* protocol changes

* server changes

* client changes for password reset and registration

* add hashed password to change password in client

* always use hashed password to log in

* add warning to client when using plain text password

* require real password for changing email on server

this is backwards compatible as users logged in with a real password on
older clients will not need this, only users logged in with a hashed
password

* implement password dialog when changing email

* require min password length

* use qstringlist to build query instead

* use clear instead of = ""

* add max to password dialog

* use proper const ness in abstractclient

* reject too long passwords instead of trimming
This commit is contained in:
ebbit1q 2022-01-17 02:32:30 +01:00 committed by GitHub
parent fcafcb340a
commit 2fc85e0c08
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
17 changed files with 330 additions and 96 deletions
Download patch file Download diff file Expand all files Collapse all files

3
cockatrice/src/remoteclient.h
View file

@ -70,7 +70,7 @@ private slots:
const QString &_realname);
void doRequestPasswordSalt();
void doLogin();
void doLogin(const QString &passwordSalt);
void doHashedLogin();
Command_Login generateCommandLogin();
void doDisconnectFromServer();
void doActivateToServer(const QString &_token);
@ -101,6 +101,7 @@ private:
QWebSocket *websocket;
QString lastHostname;
unsigned int lastPort;
QString hashedPassword;
QString getSrvClientID(const QString &_hostname);
bool newMissingFeatureFound(const QString &_serversMissingFeatures);