From aaed886890216b0e45a92b49fec7aad49e281e74 Mon Sep 17 00:00:00 2001 From: Tom Hughes Date: Thu, 16 Nov 2023 00:54:56 +0000 Subject: [PATCH] Hash passwords as soon as a new user is created --- .rubocop_todo.yml | 2 +- app/controllers/users_controller.rb | 4 ++-- app/models/user.rb | 1 + 3 files changed, 4 insertions(+), 3 deletions(-) diff --git a/.rubocop_todo.yml b/.rubocop_todo.yml index 6f25cfeb3..e3407c6dc 100644 --- a/.rubocop_todo.yml +++ b/.rubocop_todo.yml @@ -61,7 +61,7 @@ Metrics/BlockNesting: # Offense count: 26 # Configuration parameters: CountComments, CountAsOne. Metrics/ClassLength: - Max: 285 + Max: 286 # Offense count: 59 # Configuration parameters: AllowedMethods, AllowedPatterns. diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb index 0b8cab6dd..36c9f4e22 100644 --- a/app/controllers/users_controller.rb +++ b/app/controllers/users_controller.rb @@ -104,11 +104,11 @@ class UsersController < ApplicationController render :action => "new" elsif current_user.auth_provider.present? # Verify external authenticator before moving on - session[:new_user] = current_user.attributes.slice("email", "display_name", "pass_crypt", "pass_crypt_confirmation") + session[:new_user] = current_user.attributes.slice("email", "display_name", "pass_crypt") redirect_to auth_url(current_user.auth_provider, current_user.auth_uid), :status => :temporary_redirect else # Save the user record - session[:new_user] = current_user.attributes.slice("email", "display_name", "pass_crypt", "pass_crypt_confirmation") + session[:new_user] = current_user.attributes.slice("email", "display_name", "pass_crypt") redirect_to :action => :terms end end diff --git a/app/models/user.rb b/app/models/user.rb index 3d74b3933..7571dd9dc 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -115,6 +115,7 @@ class User < ApplicationRecord alias_attribute :created_at, :creation_time + after_initialize :encrypt_password before_save :encrypt_password before_save :update_tile after_save :spam_check -- 2.39.5