rainbownapkin/fore.st
1
0
Fork 0
Code Issues 13 Pull requests Actions Packages Projects Releases Wiki Activity

Minor fix regarding password resets

Browse source
This commit is contained in:
calzoneman 2013-06-20 20:12:24 -04:00
parent 7bb38ec8a5
commit bd7a41ce3d
1 changed files with 11 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

12
database.js
View file

@ -685,6 +685,16 @@ function setUserEmail(name, email) {
return true; return true;
} }
function genSalt() {
var chars = "abcdefgihjklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"
+ "0123456789!@#$%^&*_+=~";
var salt = [];
for(var i = 0; i < 32; i++) {
salt.push(chars[parseInt(Math.random()*chars.length)]);
}
return salt.join('');
}
function generatePasswordReset(ip, name, email) { function generatePasswordReset(ip, name, email) {
var db = getConnection(); var db = getConnection();
if(!db) { if(!db) {
@ -711,7 +721,7 @@ function generatePasswordReset(ip, name, email) {
} }
// Validation complete, now time to reset it // Validation complete, now time to reset it
var hash = hashlib.sha256(Date.now() + name); var hash = hashlib.sha256(genSalt() + name);
var exp = Date.now() + 24*60*60*1000; var exp = Date.now() + 24*60*60*1000;
query = createQuery( query = createQuery(
["INSERT INTO `password_reset` (", ["INSERT INTO `password_reset` (",