discourse/spec/lib
David Taylor 9238767f7e
FEATURE: Persist password hashing algorithm/params in database (#20980)
Previously, Discourse's password hashing was hard-coded to a specific algorithm and parameters. Any changes to the algorithm or parameters would essentially invalidate all existing user passwords.

This commit introduces a new `password_algorithm` column on the `users` table. This persists the algorithm/parameters which were use to generate the hash for a given user. All existing rows in the users table are assumed to be using Discourse's current algorithm/parameters. With this data stored per-user in the database, we'll be able to keep existing passwords working while adjusting the algorithm/parameters for newly hashed passwords.

Passwords which were hashed with an old algorithm will be automatically re-hashed with the new algorithm when the user next logs in.

Values in the `password_algorithm` column are based on the PHC string format (https://github.com/P-H-C/phc-string-format/blob/master/phc-sf-spec.md). Discourse's existing algorithm is described by the string `$pbkdf2-sha256$i=64000,l=32$`

To introduce a new algorithm and start using it, make sure it's implemented in the `PasswordHasher` library, then update `User::TARGET_PASSWORD_ALGORITHM`.
2023-04-11 10:16:28 +01:00
..
auth DEV: Apply syntax_tree formatting to `spec/*` 2023-01-09 11:49:28 +00:00
backup_restore SECURITY: Rate limit the creation of backups 2023-03-16 16:09:22 +01:00
common_passwords DEV: Apply syntax_tree formatting to `spec/*` 2023-01-09 11:49:28 +00:00
compression DEV: Apply syntax_tree formatting to `spec/*` 2023-01-09 11:49:28 +00:00
concern DEV: Apply syntax_tree formatting to `spec/*` 2023-01-09 11:49:28 +00:00
content_security_policy DEV: Apply syntax_tree formatting to `spec/*` 2023-01-09 11:49:28 +00:00
email Revert "DEV: Delete dead Topic#incoming_email_addresses code (#19970)" (#20037) 2023-01-27 11:27:15 +10:00
file_store FIX: ACL for OptimizedImage was using wrong path on multisite (#20784) 2023-03-24 10:16:53 +10:00
final_destination SECURITY: Add FinalDestination::FastImage that's SSRF safe 2023-03-16 15:27:09 -06:00
freedom_patches SECURITY: Monkey-patch web-push gem to use safer HTTP client 2023-03-16 15:27:09 -06:00
guardian DEV: Make Guardian#can_see? default to false for unwatched objects (#20412) 2023-02-24 15:57:01 +08:00
highlight_js DEV: Apply syntax_tree formatting to `spec/*` 2023-01-09 11:49:28 +00:00
i18n DEV: Apply syntax_tree formatting to `spec/*` 2023-01-09 11:49:28 +00:00
imap DEV: Apply syntax_tree formatting to `spec/*` 2023-01-09 11:49:28 +00:00
import DEV: Apply syntax_tree formatting to `spec/*` 2023-01-09 11:49:28 +00:00
middleware FIX: Ensure anon-cached values are never returned for API requests (#20021) 2023-01-26 13:26:29 +00:00
migration DEV: Allow `DROP NOT NULL` in pre-deploy migrations (#20775) 2023-03-22 14:43:32 +00:00
onebox FIX: Allow floats for zoom level in Google Maps onebox 2023-03-01 12:45:33 +01:00
plugin FEATURE: modifier API for plugins (#20887) 2023-03-30 14:39:55 +11:00
pretty_text DEV: Apply syntax_tree formatting to `spec/*` 2023-01-09 11:49:28 +00:00
rate_limiter DEV: Apply syntax_tree formatting to `spec/*` 2023-01-09 11:49:28 +00:00
scheduler DEV: Prevent defer stats exception when thread aborted (#19863) 2023-01-16 09:08:44 +11:00
second_factor DEV: Apply syntax_tree formatting to `spec/*` 2023-01-09 11:49:28 +00:00
seed_data DEV: Apply syntax_tree formatting to `spec/*` 2023-01-09 11:49:28 +00:00
site_settings DEV: Add plugin hook for transforming site setting defaults (#20941) 2023-04-05 12:28:16 +01:00
stylesheet DEV: Move to Sass compilation to dart-sass (#19910) 2023-02-07 12:24:57 -03:00
svg_sprite DEV: Refactor svg sprite parsing (#20727) 2023-03-20 11:41:23 -05:00
theme_store DEV: Apply syntax_tree formatting to `spec/*` 2023-01-09 11:49:28 +00:00
topic_query FEATURE: Only list watching group messages in messages notifications panel (#20630) 2023-03-13 08:09:38 +08:00
validators DEV: Remove unused test (#20964) 2023-04-04 20:48:59 +03:00
webauthn DEV: Apply syntax_tree formatting to `spec/*` 2023-01-09 11:49:28 +00:00
wizard DEV: Replace #pluck_first freedom patch with AR #pick in core (#19893) 2023-02-13 12:39:45 +08:00
admin_confirmation_spec.rb DEV: Apply syntax_tree formatting to `spec/*` 2023-01-09 11:49:28 +00:00
admin_user_index_query_spec.rb DEV: Apply syntax_tree formatting to `spec/*` 2023-01-09 11:49:28 +00:00
archetype_spec.rb DEV: Apply syntax_tree formatting to `spec/*` 2023-01-09 11:49:28 +00:00
bookmark_manager_spec.rb DEV: Apply syntax_tree formatting to `spec/*` 2023-01-09 11:49:28 +00:00
bookmark_query_spec.rb DEV: Change Bookmarkable registration to DiscoursePluginRegistry (#20556) 2023-03-08 10:39:12 +10:00
bookmark_reminder_notification_handler_spec.rb DEV: Apply syntax_tree formatting to `spec/*` 2023-01-09 11:49:28 +00:00
browser_detection_spec.rb DEV: Apply syntax_tree formatting to `spec/*` 2023-01-09 11:49:28 +00:00
cache_spec.rb DEV: Apply syntax_tree formatting to `spec/*` 2023-01-09 11:49:28 +00:00
category_badge_spec.rb FIX: do not escape slash for category text description (#20460) 2023-02-27 12:48:48 +11:00
category_guardian_spec.rb DEV: Apply syntax_tree formatting to `spec/*` 2023-01-09 11:49:28 +00:00
color_math_spec.rb UX: Calculate missing hover/selected colors from existing colors (#20105) 2023-02-01 09:55:21 +00:00
composer_messages_finder_spec.rb DEV: Apply syntax_tree formatting to `spec/*` 2023-01-09 11:49:28 +00:00
content_buffer_spec.rb DEV: Apply syntax_tree formatting to `spec/*` 2023-01-09 11:49:28 +00:00
content_security_policy_spec.rb Update default ga_version to v4 and add warning message for v3 (#20936) 2023-04-04 13:14:20 +01:00
cooked_post_processor_spec.rb DEV: Apply syntax_tree formatting to `spec/*` 2023-01-09 11:49:28 +00:00
crawler_detection_spec.rb DEV: Apply syntax_tree formatting to `spec/*` 2023-01-09 11:49:28 +00:00
current_user_spec.rb DEV: Apply syntax_tree formatting to `spec/*` 2023-01-09 11:49:28 +00:00
db_helper_spec.rb DEV: Apply syntax_tree formatting to `spec/*` 2023-01-09 11:49:28 +00:00
directory_helper_spec.rb DEV: Apply syntax_tree formatting to `spec/*` 2023-01-09 11:49:28 +00:00
discourse_diff_spec.rb DEV: Apply syntax_tree formatting to `spec/*` 2023-01-09 11:49:28 +00:00
discourse_event_spec.rb DEV: Apply syntax_tree formatting to `spec/*` 2023-01-09 11:49:28 +00:00
discourse_hub_spec.rb DEV: Apply syntax_tree formatting to `spec/*` 2023-01-09 11:49:28 +00:00
discourse_js_processor_spec.rb DEV: Update ember-cli-htmlbars to 6.2.0 (#20467) 2023-02-27 18:43:28 +01:00
discourse_plugin_registry_spec.rb FEATURE: modifier API for plugins (#20887) 2023-03-30 14:39:55 +11:00
discourse_redis_spec.rb DEV: Apply syntax_tree formatting to `spec/*` 2023-01-09 11:49:28 +00:00
discourse_sourcemapping_url_processor_spec.rb DEV: Apply syntax_tree formatting to `spec/*` 2023-01-09 11:49:28 +00:00
discourse_spec.rb DEV: Make postgres_readonly cache work like other caches (#20879) 2023-03-30 09:14:59 -05:00
discourse_tagging_spec.rb SECURITY: Default tags to show count of topics in unrestricted categories (#19916) 2023-01-20 09:50:24 +08:00
discourse_updates_spec.rb DEV: Apply syntax_tree formatting to `spec/*` 2023-01-09 11:49:28 +00:00
distributed_cache_spec.rb DEV: Apply syntax_tree formatting to `spec/*` 2023-01-09 11:49:28 +00:00
distributed_memoizer_spec.rb DEV: Apply syntax_tree formatting to `spec/*` 2023-01-09 11:49:28 +00:00
distributed_mutex_spec.rb DEV: Apply syntax_tree formatting to `spec/*` 2023-01-09 11:49:28 +00:00
email_cook_spec.rb DEV: Apply syntax_tree formatting to `spec/*` 2023-01-09 11:49:28 +00:00
email_updater_spec.rb DEV: Apply syntax_tree formatting to `spec/*` 2023-01-09 11:49:28 +00:00
ember_cli_spec.rb DEV: Add test for EmberCli#ember_version (#18140) 2022-08-30 20:33:08 +01:00
encodings_spec.rb DEV: Apply syntax_tree formatting to `spec/*` 2023-01-09 11:49:28 +00:00
enum_spec.rb DEV: Apply syntax_tree formatting to `spec/*` 2023-01-09 11:49:28 +00:00
excerpt_parser_spec.rb DEV: Apply syntax_tree formatting to `spec/*` 2023-01-09 11:49:28 +00:00
feed_element_installer_spec.rb DEV: Apply syntax_tree formatting to `spec/*` 2023-01-09 11:49:28 +00:00
feed_item_accessor_spec.rb DEV: Apply syntax_tree formatting to `spec/*` 2023-01-09 11:49:28 +00:00
file_helper_spec.rb DEV: Apply syntax_tree formatting to `spec/*` 2023-01-09 11:49:28 +00:00
filter_best_posts_spec.rb DEV: Apply syntax_tree formatting to `spec/*` 2023-01-09 11:49:28 +00:00
final_destination_spec.rb DEV: Apply syntax_tree formatting to `spec/*` 2023-01-09 11:49:28 +00:00
flag_settings_spec.rb DEV: Apply syntax_tree formatting to `spec/*` 2023-01-09 11:49:28 +00:00
gaps_spec.rb DEV: Apply syntax_tree formatting to `spec/*` 2023-01-09 11:49:28 +00:00
git_url_spec.rb DEV: Apply syntax_tree formatting to `spec/*` 2023-01-09 11:49:28 +00:00
global_path_spec.rb DEV: Apply syntax_tree formatting to `spec/*` 2023-01-09 11:49:28 +00:00
group_email_credentials_check_spec.rb DEV: Apply syntax_tree formatting to `spec/*` 2023-01-09 11:49:28 +00:00
guardian_spec.rb FEATURE: allow site owners to disable impersonation (#20783) 2023-03-23 15:16:05 +11:00
has_errors_spec.rb DEV: Apply syntax_tree formatting to `spec/*` 2023-01-09 11:49:28 +00:00
hijack_spec.rb DEV: Apply syntax_tree formatting to `spec/*` 2023-01-09 11:49:28 +00:00
html_prettify_spec.rb DEV: Apply syntax_tree formatting to `spec/*` 2023-01-09 11:49:28 +00:00
html_to_markdown_spec.rb DEV: Apply syntax_tree formatting to `spec/*` 2023-01-09 11:49:28 +00:00
image_sizer_spec.rb DEV: Apply syntax_tree formatting to `spec/*` 2023-01-09 11:49:28 +00:00
inline_oneboxer_spec.rb DEV: Apply syntax_tree formatting to `spec/*` 2023-01-09 11:49:28 +00:00
js_locale_helper_spec.rb DEV: Apply syntax_tree formatting to `spec/*` 2023-01-09 11:49:28 +00:00
json_error_spec.rb DEV: Apply syntax_tree formatting to `spec/*` 2023-01-09 11:49:28 +00:00
letter_avatar_spec.rb DEV: Apply syntax_tree formatting to `spec/*` 2023-01-09 11:49:28 +00:00
message_id_service_spec.rb DEV: Address TODOs for email Message-ID generation (#19842) 2023-01-12 13:54:15 +10:00
method_profiler_spec.rb DEV: Apply syntax_tree formatting to `spec/*` 2023-01-09 11:49:28 +00:00
mini_sql_multisite_connection_spec.rb DEV: Apply syntax_tree formatting to `spec/*` 2023-01-09 11:49:28 +00:00
mobile_detection_spec.rb Drop support for iOS < 15.7 (#19847) 2023-01-16 17:28:59 +00:00
new_post_manager_spec.rb DEV: Apply syntax_tree formatting to `spec/*` 2023-01-09 11:49:28 +00:00
new_post_result_spec.rb DEV: Apply syntax_tree formatting to `spec/*` 2023-01-09 11:49:28 +00:00
onebox_spec.rb DEV: Apply syntax_tree formatting to `spec/*` 2023-01-09 11:49:28 +00:00
oneboxer_spec.rb SECURITY: Prevent XSS in local oneboxes (#20008) 2023-01-25 19:17:21 +02:00
onpdiff_spec.rb DEV: Apply syntax_tree formatting to `spec/*` 2023-01-09 11:49:28 +00:00
password_hasher_spec.rb FEATURE: Persist password hashing algorithm/params in database (#20980) 2023-04-11 10:16:28 +01:00
pbkdf2_spec.rb DEV: Apply syntax_tree formatting to `spec/*` 2023-01-09 11:49:28 +00:00
pinned_check_spec.rb DEV: Apply syntax_tree formatting to `spec/*` 2023-01-09 11:49:28 +00:00
plain_text_to_markdown_spec.rb DEV: Apply syntax_tree formatting to `spec/*` 2023-01-09 11:49:28 +00:00
post_action_creator_spec.rb UX/DEV: Review queue redesign fixes (#20239) 2023-03-02 16:40:53 +01:00
post_action_destroyer_spec.rb DEV: Apply syntax_tree formatting to `spec/*` 2023-01-09 11:49:28 +00:00
post_creator_spec.rb DEV: Apply syntax_tree formatting to `spec/*` 2023-01-09 11:49:28 +00:00
post_destroyer_spec.rb UX/DEV: Review queue redesign fixes (#20239) 2023-03-02 16:40:53 +01:00
post_jobs_enqueuer_spec.rb DEV: Apply syntax_tree formatting to `spec/*` 2023-01-09 11:49:28 +00:00
post_locker_spec.rb DEV: Apply syntax_tree formatting to `spec/*` 2023-01-09 11:49:28 +00:00
post_merger_spec.rb DEV: Apply syntax_tree formatting to `spec/*` 2023-01-09 11:49:28 +00:00
post_revisor_spec.rb FEATURE: SiteSetting for creation of small action on tag change (#20812) 2023-04-05 13:31:31 -05:00
presence_channel_spec.rb DEV: handles presence channel configured with everyone group (#20741) 2023-03-20 16:56:43 +01:00
pretty_text_spec.rb FIX: pretty-text shims - getURL's baseUri (#20822) 2023-03-30 08:35:06 -04:00
promotion_spec.rb FIX: Do not validate email in TL promotion (#20892) 2023-03-30 13:52:10 +10:00
quote_comparer_spec.rb DEV: Apply syntax_tree formatting to `spec/*` 2023-01-09 11:49:28 +00:00
rate_limiter_spec.rb DEV: Apply syntax_tree formatting to `spec/*` 2023-01-09 11:49:28 +00:00
retrieve_title_spec.rb DEV: Apply syntax_tree formatting to `spec/*` 2023-01-09 11:49:28 +00:00
rtl_spec.rb DEV: Apply syntax_tree formatting to `spec/*` 2023-01-09 11:49:28 +00:00
s3_cors_rulesets_spec.rb DEV: Apply syntax_tree formatting to `spec/*` 2023-01-09 11:49:28 +00:00
s3_helper_spec.rb DEV: Apply syntax_tree formatting to `spec/*` 2023-01-09 11:49:28 +00:00
s3_inventory_multisite_spec.rb DEV: Apply syntax_tree formatting to `spec/*` 2023-01-09 11:49:28 +00:00
s3_inventory_spec.rb DEV: Apply syntax_tree formatting to `spec/*` 2023-01-09 11:49:28 +00:00
score_calculator_spec.rb DEV: Apply syntax_tree formatting to `spec/*` 2023-01-09 11:49:28 +00:00
scss_checker_spec.rb DEV: Apply syntax_tree formatting to `spec/*` 2023-01-09 11:49:28 +00:00
search_spec.rb FEATURE: Roll out new search optimisations (#20364) 2023-02-20 11:53:35 +11:00
secure_session_spec.rb Add RSpec 4 compatibility (#17652) 2022-07-28 10:27:38 +08:00
shrink_uploaded_image_spec.rb DEV: Apply syntax_tree formatting to `spec/*` 2023-01-09 11:49:28 +00:00
sidebar_section_links_updater_spec.rb DEV: Apply syntax_tree formatting to `spec/*` 2023-01-09 11:49:28 +00:00
site_icon_manager_spec.rb DEV: Apply syntax_tree formatting to `spec/*` 2023-01-09 11:49:28 +00:00
site_setting_extension_multisite_spec.rb DEV: Apply syntax_tree formatting to `spec/*` 2023-01-09 11:49:28 +00:00
site_setting_extension_spec.rb DEV: Add auto _map extension for simple/compact list SiteSettings (#20888) 2023-03-30 14:08:19 +10:00
slug_spec.rb DEV: Apply syntax_tree formatting to `spec/*` 2023-01-09 11:49:28 +00:00
spam_handler_spec.rb DEV: Apply syntax_tree formatting to `spec/*` 2023-01-09 11:49:28 +00:00
suggested_topics_builder_spec.rb DEV: Apply syntax_tree formatting to `spec/*` 2023-01-09 11:49:28 +00:00
system_message_spec.rb DEV: Apply syntax_tree formatting to `spec/*` 2023-01-09 11:49:28 +00:00
text_cleaner_spec.rb DEV: Apply syntax_tree formatting to `spec/*` 2023-01-09 11:49:28 +00:00
text_sentinel_spec.rb DEV: Apply syntax_tree formatting to `spec/*` 2023-01-09 11:49:28 +00:00
theme_flag_modifier_spec.rb DEV: Apply syntax_tree formatting to `spec/*` 2023-01-09 11:49:28 +00:00
theme_javascript_compiler_spec.rb DEV: Apply syntax_tree formatting to `spec/*` 2023-01-09 11:49:28 +00:00
theme_settings_manager_spec.rb FIX: Use the default value correctly for theme settings of type uploads (#20541) 2023-03-06 11:41:47 +03:00
theme_settings_parser_spec.rb DEV: Apply syntax_tree formatting to `spec/*` 2023-01-09 11:49:28 +00:00
timeline_lookup_spec.rb DEV: Apply syntax_tree formatting to `spec/*` 2023-01-09 11:49:28 +00:00
tiny_japanese_segmenter_spec.rb DEV: Apply syntax_tree formatting to `spec/*` 2023-01-09 11:49:28 +00:00
topic_creator_spec.rb DEV: Apply syntax_tree formatting to `spec/*` 2023-01-09 11:49:28 +00:00
topic_publisher_spec.rb DEV: Apply syntax_tree formatting to `spec/*` 2023-01-09 11:49:28 +00:00
topic_query_spec.rb DEV: Introduced topic_query_create_list_topics modifier (#21016) 2023-04-07 13:01:42 -03:00
topic_retriever_spec.rb FEATURE: Update topic/comment embedding parameters (#20181) 2023-02-28 14:31:59 +02:00
topic_upload_security_manager_spec.rb DEV: Apply syntax_tree formatting to `spec/*` 2023-01-09 11:49:28 +00:00
topic_view_spec.rb DEV: add topic_query_suggested_options modifier (#20893) 2023-03-31 09:03:15 +11:00
topics_bulk_action_spec.rb DEV: Apply syntax_tree formatting to `spec/*` 2023-01-09 11:49:28 +00:00
topics_filter_spec.rb DEV: Support `in:<notification level>` filter on `/filter` route (#21038) 2023-04-11 08:48:07 +08:00
trashable_spec.rb DEV: Added .only_deleted scope in the Trashable module (#20196) 2023-02-07 15:28:59 -03:00
trust_level_spec.rb DEV: Apply syntax_tree formatting to `spec/*` 2023-01-09 11:49:28 +00:00
twitter_api_spec.rb DEV: Apply syntax_tree formatting to `spec/*` 2023-01-09 11:49:28 +00:00
unread_spec.rb DEV: Apply syntax_tree formatting to `spec/*` 2023-01-09 11:49:28 +00:00
upload_creator_spec.rb DEV: Apply syntax_tree formatting to `spec/*` 2023-01-09 11:49:28 +00:00
upload_markdown_spec.rb DEV: Apply syntax_tree formatting to `spec/*` 2023-01-09 11:49:28 +00:00
upload_recovery_spec.rb DEV: Apply syntax_tree formatting to `spec/*` 2023-01-09 11:49:28 +00:00
upload_security_spec.rb FIX: UploadReference order by tiebreaker for UploadSecurity (#20602) 2023-03-09 11:52:26 +10:00
url_helper_spec.rb SECURITY: Limit URL length for theme remote (#20787) 2023-03-23 12:01:04 +00:00
user_comm_screener_spec.rb DEV: Apply syntax_tree formatting to `spec/*` 2023-01-09 11:49:28 +00:00
user_lookup_spec.rb DEV: Apply syntax_tree formatting to `spec/*` 2023-01-09 11:49:28 +00:00
user_name_suggester_spec.rb DEV: Apply syntax_tree formatting to `spec/*` 2023-01-09 11:49:28 +00:00
version_spec.rb DEV: Apply syntax_tree formatting to `spec/*` 2023-01-09 11:49:28 +00:00