Hawkin
/
arangodb
mirror of https://gitee.com/bigwinds/arangodb
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

ldap random salt for new user

This commit is contained in:
baslr 2017-04-25 14:18:44 +02:00
parent a478e6f03c
commit be4da8cd0c
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
arangod/VocBase/AuthInfo.cpp
View File

@ -34,6 +34,7 @@
#include "Logger/Logger.h"
#include "RestServer/DatabaseFeature.h"
#include "Ssl/SslInterface.h"
#include "Random/UniformCharacter.h"
#include <velocypack/Builder.h>
#include <velocypack/Iterator.h>
@ -436,7 +437,7 @@ AuthResult AuthInfo::checkPassword(std::string const& username,
binds.add("simple", VPackValue(VPackValueType::Object));
binds.add("method", VPackValue("sha256"));
std::string salt = "1f71c278"; // TODO: random salt
std::string salt = UniformCharacter(8, "0123456789abcdef").random();
binds.add("salt", VPackValue(salt));
std::string saltedPassword = salt + password;