X-Git-Url: https://code.wpia.club/?a=blobdiff_plain;ds=sidebyside;f=src%2Forg%2Fcacert%2Fgigi%2Fpages%2FLoginPage.java;h=ed01ceb6ccc90e9817cbe1fc64546f136ecaa08e;hb=a1a980dd0cc65f33a6189eb81a164fe79abb647c;hp=d8d0d4d37932c82edbf38397877fdb1206c0dad9;hpb=e8802b0aa6f096f62f027d2092a2398c7b51a855;p=gigi.git diff --git a/src/org/cacert/gigi/pages/LoginPage.java b/src/org/cacert/gigi/pages/LoginPage.java index d8d0d4d3..ed01ceb6 100644 --- a/src/org/cacert/gigi/pages/LoginPage.java +++ b/src/org/cacert/gigi/pages/LoginPage.java @@ -19,7 +19,7 @@ import org.cacert.gigi.database.GigiResultSet; import org.cacert.gigi.dbObjects.Group; import org.cacert.gigi.dbObjects.User; import org.cacert.gigi.localisation.Language; -import org.cacert.gigi.output.Form; +import org.cacert.gigi.output.template.Form; import org.cacert.gigi.util.PasswordHash; public class LoginPage extends Page { @@ -97,8 +97,17 @@ public class LoginPage extends Page { ps.setString(1, un); GigiResultSet rs = ps.executeQuery(); if (rs.next()) { - if (PasswordHash.verifyHash(pw, rs.getString(1))) { + String dbHash = rs.getString(1); + String hash = PasswordHash.verifyHash(pw, dbHash); + if (hash != null) { + if ( !hash.equals(dbHash)) { + GigiPreparedStatement gps = DatabaseConnection.getInstance().prepare("UPDATE `users` SET `password`=? WHERE `email`=?"); + gps.setString(1, hash); + gps.setString(2, un); + gps.executeUpdate(); + } loginSession(req, User.getById(rs.getInt(2))); + req.getSession().setAttribute(LOGIN_METHOD, "Password"); } } rs.close(); @@ -117,6 +126,7 @@ public class LoginPage extends Page { loginSession(req, User.getById(rs.getInt(1))); req.getSession().setAttribute(CERT_SERIAL, serial); req.getSession().setAttribute(CERT_ISSUER, x509Certificate.getIssuerDN()); + req.getSession().setAttribute(LOGIN_METHOD, "Certificate"); } rs.close(); }