mirror of
https://github.com/RGBCube/serenity
synced 2025-07-27 18:17:45 +00:00
LibCore: Make Account::authenticate take a SecretString
To encourage users to use the SecretString API, change the API so that Account::authenticate only accepts a SecretString.
This commit is contained in:
parent
9e667453c7
commit
df04283d61
5 changed files with 7 additions and 6 deletions
|
@ -159,7 +159,7 @@ Result<Account, String> Account::from_uid(uid_t uid, Read options)
|
|||
return from_passwd(*pwd, *spwd);
|
||||
}
|
||||
|
||||
bool Account::authenticate(const char* password) const
|
||||
bool Account::authenticate(SecretString const& password) const
|
||||
{
|
||||
// If there was no shadow entry for this account, authentication always fails.
|
||||
if (m_password_hash.is_null())
|
||||
|
@ -170,7 +170,7 @@ bool Account::authenticate(const char* password) const
|
|||
return true;
|
||||
|
||||
// FIXME: Use crypt_r if it can be built in lagom.
|
||||
char* hash = crypt(password, m_password_hash.characters());
|
||||
char* hash = crypt(password.characters(), m_password_hash.characters());
|
||||
return hash != nullptr && strcmp(hash, m_password_hash.characters()) == 0;
|
||||
}
|
||||
|
||||
|
|
|
@ -10,6 +10,7 @@
|
|||
#include <AK/String.h>
|
||||
#include <AK/Types.h>
|
||||
#include <AK/Vector.h>
|
||||
#include <LibCore/SecretString.h>
|
||||
#include <pwd.h>
|
||||
#ifndef AK_OS_BSD_GENERIC
|
||||
# include <shadow.h>
|
||||
|
@ -36,7 +37,7 @@ public:
|
|||
static Result<Account, String> from_name(const char* username, Read options = Read::All);
|
||||
static Result<Account, String> from_uid(uid_t uid, Read options = Read::All);
|
||||
|
||||
bool authenticate(const char* password) const;
|
||||
bool authenticate(SecretString const& password) const;
|
||||
bool login() const;
|
||||
|
||||
String username() const { return m_username; }
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue