feat: hashing user passwords

solves problems #2944, #2783
Columbiysky
2025-05-03 12:27:53 +03:00
committed by GitHub
parent 3d54e33051
commit 85cbad3ef4
5 changed files with 101 additions and 10 deletions


@@ -4,6 +4,7 @@ import (
"errors"
"time"
"x-ui/util/crypto"
"x-ui/web/entity"
"x-ui/web/service"
"x-ui/web/session"
@@ -84,7 +85,7 @@ func (a *SettingController) updateUser(c *gin.Context) {
return
}
user := session.GetLoginUser(c)
if user.Username != form.OldUsername || user.Password != form.OldPassword {
if user.Username != form.OldUsername || !crypto.CheckPasswordHash(user.Password, form.OldPassword) {
jsonMsg(c, I18nWeb(c, "pages.settings.toasts.modifyUser"), errors.New(I18nWeb(c, "pages.settings.toasts.originalUserPassIncorrect")))
return
}
@@ -95,7 +96,7 @@ func (a *SettingController) updateUser(c *gin.Context) {
err = a.userService.UpdateUser(user.Id, form.NewUsername, form.NewPassword)
if err == nil {
user.Username = form.NewUsername
user.Password = form.NewPassword
user.Password, _ = crypto.HashPasswordAsBcrypt(form.NewPassword)
session.SetLoginUser(c, user)
}
jsonMsg(c, I18nWeb(c, "pages.settings.toasts.modifyUser"), err)
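Review bot: In the last hunk, `user.Password, _ = crypto.HashPasswordAsBcrypt(form.NewPassword)` discards the hashing error, so a failure in the helper would store whatever value it returned (presumably an empty string) in the session, and every later `CheckPasswordHash(user.Password, ...)` against that session copy would fail until the user logs in again. Capture the error with `hashed, hashErr := crypto.HashPasswordAsBcrypt(form.NewPassword)`, assign `user.Password = hashed` only when `hashErr == nil`, and report the failure through `jsonMsg` instead of dropping it. The password is also hashed here a second time after `UpdateUser` received the plaintext; assuming `UpdateUser` hashes internally, reloading the stored user from `a.userService` would keep the session and the database on the same hash and remove this extra failure path. Sessions created before this change may still carry a plaintext `user.Password`, which the new comparison in the `-84,7` hunk would reject; no migration or fallback is visible in this section, so that case is worth confirming. `updateUser` begins and ends outside the hunks shown.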