[Bps-public-commit] App-Todo branch, master, updated. 0.97-4-ge21faaa
Jesse Vincent
jesse at bestpractical.com
Fri Jan 21 14:01:51 EST 2011
The branch, master has been updated
via e21faaa739bb0d884d6a89489be70f8a16650971 (commit)
from 516c06e04d52c6ff503c01fd8226ddaba62e9efe (commit)
Summary of changes:
bin/todo.pl | 16 +++++++++++++---
1 files changed, 13 insertions(+), 3 deletions(-)
- Log -----------------------------------------------------------------
commit e21faaa739bb0d884d6a89489be70f8a16650971
Author: David A Benjamin <davidben at MIT.EDU>
Date: Wed Feb 24 14:37:00 2010 -0500
Update todo.pl to use password-hashing like the webui, rather than a plaintext pw
diff --git a/bin/todo.pl b/bin/todo.pl
index c1130e5..0c9a1a1 100755
--- a/bin/todo.pl
+++ b/bin/todo.pl
@@ -24,6 +24,7 @@ use Pod::Usage;
use Email::Address;
use Fcntl qw(:mode);
use File::Temp;
+use Digest::MD5 qw(md5_hex);
our $CONFFILE = "$ENV{HOME}/.hiveminder";
our $VERSION = $App::Todo::VERSION;
@@ -559,9 +560,18 @@ with the server.
sub do_login {
return 1 if $config{sid};
- my $result = call(Login =>
- address => $config{email},
- password => $config{password});
+ my $result = call(GeneratePasswordToken =>
+ address => $config{email});
+ if ($result->{failure}) {
+ die $result->{message};
+ }
+ my $salt = $result->{_content}{salt};
+ my $token = $result->{_content}{token};
+ my $hashed_password = md5_hex($token . ' ' . md5_hex($config{password} . $salt));
+ $result = call(Login =>
+ address => $config{email},
+ hashed_password => $hashed_password,
+ token => $token);
if(!$result->{failure}) {
$config{sid} = get_session_id();
save_config();
-----------------------------------------------------------------------
More information about the Bps-public-commit
mailing list