You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@couchdb.apache.org by ei...@apache.org on 2018/03/23 20:59:05 UTC
[couchdb] branch master updated: Validate password_scheme in user
doc
This is an automated email from the ASF dual-hosted git repository.
eiri pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/couchdb.git
The following commit(s) were added to refs/heads/master by this push:
new 45da9f3 Validate password_scheme in user doc
45da9f3 is described below
commit 45da9f307a5fa3d390c44289f87ed640082e0d37
Author: Eric Avdey <ei...@eiri.ca>
AuthorDate: Thu Mar 22 13:55:52 2018 -0300
Validate password_scheme in user doc
If `newDoc.password_scheme` provided validate that it is one
of the supported types.
---
src/couch/include/couch_js_functions.hrl | 9 +++++++++
1 file changed, 9 insertions(+)
diff --git a/src/couch/include/couch_js_functions.hrl b/src/couch/include/couch_js_functions.hrl
index 6851718..d969416 100644
--- a/src/couch/include/couch_js_functions.hrl
+++ b/src/couch/include/couch_js_functions.hrl
@@ -64,6 +64,15 @@
});
}
+ var available_schemes = [\"simple\", \"pbkdf2\", \"bcrypt\"];
+ if (newDoc.password_scheme
+ && available_schemes.indexOf(newDoc.password_scheme) == -1) {
+ throw({
+ forbidden: 'Password scheme `' + newDoc.password_scheme
+ + '` not supported.'
+ });
+ }
+
if (newDoc.password_scheme === \"pbkdf2\") {
if (typeof(newDoc.iterations) !== \"number\") {
throw({forbidden: \"iterations must be a number.\"});
--
To stop receiving notification emails like this one, please contact
eiri@apache.org.