* Add parser and hasher packages
The new `password` module includes two packages:
- `hashers` provides a structure allowing for seamless migrations
between password hashing methods. It also implements two password
hashers: bcrypt, which was the current hashing method, and PBKDF2, which
is the one we are migrating to.
- `parser` provides types and primitives to parse PHC[0] strings,
serving as the foundation of the `PasswordHasher` interface and
implementations, which are all PHC-based.
[0] https://github.com/P-H-C/phc-string-format/blob/master/phc-sf-spec.md
* Use latest hasher to hash new passwords
The previous commit added a LatestHasher variable, that contains the
`PasswordHasher` currently in use. Here, we make sure we use it for
hashing new passwords, instead of the currently hardcoded bcrypt.
* Use errors from hashers' package
Some chore work to unify errors defined in `hashers`, not from external
packages like `bcrypt`.
* Implement password migration logic
This commit implements the actual logic to migrate passwords, which
can be summarized as:
0. When the user enters their password (either for login in
`App.CheckPasswordAndAllCriteria` or for double-checking the password
when the app needs additional confirmation for anything in
`App.DoubleCheckPassword`), this process is started.
1. The new `App.checkUserPassword` is called. In
`users.CheckUserPassword`, we parse the stored hashed password with the
new PHC parser and identify whether it was generated with the current
hashing method (PBKDF2). If it is, just verify the password as usual and
continue normally.
2. If not, start the migration calling `App.migratePassword`:
a. First, we call `Users.MigratePassword`, which validates that the
stored hash and the provided password match, using the hasher that
generated the old hash.
b. If the user-provided password matches the old hash, then we simply
re-hash that password with our current hasher, the one in
`hashers.LatestHasher`. If not, we fail.
c. Back in `App.migratePassword`, if the migration was successful,
then we update the user in the database with the newly generated hash.
* make i18n-extract
* Rename getDefaultHasher to getOriginalHasher
* Refactor App checkUserPsasword and migratePassword
Simplify the flow in these two methods, removing the similarly named
users.CheckUserPassword and users.MigratePassword, inlining the logic
needed in the App layer and at the same time removing the need to parse
the stored hash twice.
This implements a package-level function, CompareHashAndPassword: the
first step to unexport LatestHasher.
* Add a package level Hash method
This completely removes the need to expose LatestHasher, and lets us
also remove model.HashPassword, in favour of the new hashers.Hash
* Unexport LatestHasher
* Remove tests for removed functions
* Make the linter happy
* Remove error no longer used
* Allow for parameter migrations on the same hasher
Before this, we were only checking that the function ID of the stored
hash was the ID of the latest hashing method. Here, we no longer ignore
the parameters, so that if in the future we need to migrate to the same
hashing method with a different parameter (let's say PBKDF2 with work
factor 120,000 instead of work factor 60,000), we can do it by updating
the latestHasher variable. IsPHCValid will detect this change and force
a migration if needed.
* Document new functions
* make i18n-extract
* Fix typo in comment
Co-authored-by: Ben Cooke <benkcooke@gmail.com>
* Rename parser package to phcparser
* Simplify phcparser.New documentation
* Rename scanSymbol to scanSeparator
Redefine the list of separator tokens, including EOF as one.
* Document undocumented functions that are unexported
* Reorder error block in checkUserPassword
* Add unit tests for IsLatestHasher
* Reorder code in parser.go
* Enforce SHA256 as internal function for PBKDF2
* Fix typo in comment
Co-authored-by: Eva Sarafianou <eva.sarafianou@gmail.com>
---------
Co-authored-by: Ben Cooke <benkcooke@gmail.com>
Co-authored-by: Eva Sarafianou <eva.sarafianou@gmail.com>
Co-authored-by: Mattermost Build <build@mattermost.com>
* Update Go version to v1.23.7
* Bump golangci-lint to a version supporting Go 1.23
* Fix golangci-lint warnings
Several rules from gosimple, revive and staticcheck linters were
failing:
- Redefinition of built-in identifiers (max, min, new, recover...)
- Use of printf-like functions with simple strings
- Check for nil slices, when len already takes it into account
* Trigger Build
* Trigger Build
---------
Co-authored-by: Mattermost Build <build@mattermost.com>
* Bump Go version to 1.23.6
* Update CodeQL Github action as well
* Use server's Go version for CodeQL action
Co-authored-by: Antonis Stamatiou <stamatiou.antonis@gmail.com>
* Empty commit to trigger CI
* Bump golangci-lint to a version supporting Go 1.23
* Fix golangci-lint warnings
Several rules from gosimple, revive and staticcheck linters were
failing:
- Redefinition of built-in identifiers (max, min, new, recover...)
- Use of printf-like functions with simple strings
- Check for nil slices, when len already takes it into account
---------
Co-authored-by: Antonis Stamatiou <stamatiou.antonis@gmail.com>
Co-authored-by: Mattermost Build <build@mattermost.com>
* add tests
* pass userID to the function instead of the user object.
* remove concurrent login simulation
---------
Co-authored-by: Mattermost Build <build@mattermost.com>
On user login, we were aggressively clearing the channel member
cache when it wasn't necessary. There is no channel membership
info that is changing on a user login.
Additionally, we fix some more issues with pointer passing
to the cache. It's a known problem that our value passing
style isn't consistent when we fetch items from cache.
Sometimes we pass pointer-to-pointer, sometimes it's just a
pointer. This is also the reason for https://github.com/mattermost/mattermost/pull/27830.
We fix 2 such cases where we passed pointer-to-pointer
but didn't handle the special case inside the cache.
This time, we actually fix it in the app layer instead
of the cache layer and also add a test for good measure.
https://mattermost.atlassian.net/browse/MM-60480
```release-note
NONE
```
Co-authored-by: Mattermost Build <build@mattermost.com>
It was a good decision in hindsight to keep the public module as 0.x
because this would have been a breaking change again.
https://mattermost.atlassian.net/browse/MM-53032
```release-note
Changed the Go module path from github.com/mattermost/mattermost-server/server/v8 to github.com/mattermost/mattermost/server/v8.
For the public facing module, it's path is also changed from github.com/mattermost/mattermost-server/server/public to github.com/mattermost/mattermost/server/public
```
https://mattermost.atlassian.net/browse/MM-52079
```release-note
We upgrade the module version to 8.0. The new module path is github.com/mattermost-server/server/v8.
```
Co-authored-by: Doug Lauder <wiggin77@warpmail.net>
