You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@couchdb.apache.org by ei...@apache.org on 2018/03/23 20:59:05 UTC

[couchdb] branch master updated: Validate password_scheme in user doc

This is an automated email from the ASF dual-hosted git repository.

eiri pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/couchdb.git


The following commit(s) were added to refs/heads/master by this push:
     new 45da9f3  Validate password_scheme in user doc
45da9f3 is described below

commit 45da9f307a5fa3d390c44289f87ed640082e0d37
Author: Eric Avdey <ei...@eiri.ca>
AuthorDate: Thu Mar 22 13:55:52 2018 -0300

    Validate password_scheme in user doc
    
    If `newDoc.password_scheme` provided validate that it is one
    of the supported types.
---
 src/couch/include/couch_js_functions.hrl | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/src/couch/include/couch_js_functions.hrl b/src/couch/include/couch_js_functions.hrl
index 6851718..d969416 100644
--- a/src/couch/include/couch_js_functions.hrl
+++ b/src/couch/include/couch_js_functions.hrl
@@ -64,6 +64,15 @@
             });
         }
 
+        var available_schemes = [\"simple\", \"pbkdf2\", \"bcrypt\"];
+        if (newDoc.password_scheme
+                && available_schemes.indexOf(newDoc.password_scheme) == -1) {
+            throw({
+                forbidden: 'Password scheme `' + newDoc.password_scheme
+                    + '` not supported.'
+            });
+        }
+
         if (newDoc.password_scheme === \"pbkdf2\") {
             if (typeof(newDoc.iterations) !== \"number\") {
                throw({forbidden: \"iterations must be a number.\"});

-- 
To stop receiving notification emails like this one, please contact
eiri@apache.org.