fix(authn): fix bad type of hash

2021-11-01 18:49:13 +08:00 · 2021-11-01 18:49:13 +08:00 · 29fb9b3361
parent c64637ca39
commit 29fb9b3361
2 changed files with 10 additions and 2 deletions
--- a/apps/emqx_authn/src/emqx_authn_utils.erl
+++ b/apps/emqx_authn/src/emqx_authn_utils.erl
@ -62,7 +62,7 @@ check_password(undefined, _Selected, _State) ->
 check_password(Password,
               #{<<"password_hash">> := Hash},
               #{password_hash_algorithm := bcrypt}) ->
-    case {ok, Hash} =:= bcrypt:hashpw(Password, Hash) of
+    case {ok, to_list(Hash)} =:= bcrypt:hashpw(Password, Hash) of
        true -> ok;
        false -> {error, bad_username_or_password}
    end;
@ -100,3 +100,7 @@ convert_to_sql_param(undefined) ->
    null;
 convert_to_sql_param(V) ->
    bin(V).
+
+to_list(L) when is_list(L) -> L;
+to_list(L) when is_binary(L) -> binary_to_list(L);
+to_list(X) -> X.
--- a/apps/emqx_authn/src/simple_authn/emqx_authn_mongodb.erl
+++ b/apps/emqx_authn/src/simple_authn/emqx_authn_mongodb.erl
@ -205,7 +205,7 @@ check_password(Password,
        undefined ->
            {error, {cannot_find_password_hash_field, PasswordHashField}};
        Hash ->
-            case {ok, Hash} =:= bcrypt:hashpw(Password, Hash) of
+            case {ok, to_list(Hash)} =:= bcrypt:hashpw(Password, Hash) of
                true -> ok;
                false -> {error, bad_username_or_password}
            end
@ -238,3 +238,7 @@ hash(Algorithm, Password, Salt, prefix) ->
    emqx_passwd:hash(Algorithm, <<Salt/binary, Password/binary>>);
 hash(Algorithm, Password, Salt, suffix) ->
    emqx_passwd:hash(Algorithm, <<Password/binary, Salt/binary>>).
+
+to_list(L) when is_list(L) -> L;
+to_list(L) when is_binary(L) -> binary_to_list(L);
+to_list(X) -> X.