From 44b094908c28b588438b4bf31c0a4751be47f48d Mon Sep 17 00:00:00 2001
From: lain <lain@soykaf.club>
Date: Wed, 5 Sep 2018 22:30:14 +0200
Subject: [PATCH] Update legacy passwords automatically.

---
 .../plugs/legacy_authentication_plug.ex       | 10 ++++++---
 .../plugs/legacy_authentication_plug_test.exs | 22 ++++++++++++++-----
 2 files changed, 23 insertions(+), 9 deletions(-)

diff --git a/lib/pleroma/plugs/legacy_authentication_plug.ex b/lib/pleroma/plugs/legacy_authentication_plug.ex
index 48c0aba88..d22c1a647 100644
--- a/lib/pleroma/plugs/legacy_authentication_plug.ex
+++ b/lib/pleroma/plugs/legacy_authentication_plug.ex
@@ -17,11 +17,15 @@ def call(
         } = conn,
         _
       ) do
-    if :crypt.crypt(password, password_hash) == password_hash do
+    with ^password_hash <- :crypt.crypt(password, password_hash),
+         {:ok, user} <-
+           User.reset_password(auth_user, %{password: password, password_confirmation: password}) do
       conn
-      |> assign(:user, auth_user)
+      |> assign(:auth_user, user)
+      |> assign(:user, user)
     else
-      conn
+      _ ->
+        conn
     end
   end
 
diff --git a/test/plugs/legacy_authentication_plug_test.exs b/test/plugs/legacy_authentication_plug_test.exs
index 90783f628..117810722 100644
--- a/test/plugs/legacy_authentication_plug_test.exs
+++ b/test/plugs/legacy_authentication_plug_test.exs
@@ -4,6 +4,8 @@ defmodule Pleroma.Plugs.LegacyAuthenticationPlugTest do
   alias Pleroma.Plugs.LegacyAuthenticationPlug
   alias Pleroma.User
 
+  import Mock
+
   setup do
     # password is "password"
     user = %User{
@@ -30,19 +32,27 @@ test "it does nothing if a user is assigned", %{conn: conn, user: user} do
     assert ret_conn == conn
   end
 
-  test "it authenticates the auth_user if present and password is correct", %{
-    conn: conn,
-    user: user
-  } do
+  test "it authenticates the auth_user if present and password is correct and resets the password",
+       %{
+         conn: conn,
+         user: user
+       } do
     conn =
       conn
       |> assign(:auth_credentials, %{username: "dude", password: "password"})
       |> assign(:auth_user, user)
 
     conn =
-      conn
-      |> LegacyAuthenticationPlug.call(%{})
+      with_mock User,
+        reset_password: fn user, %{password: password, password_confirmation: password} ->
+          send(self, :reset_password)
+          {:ok, user}
+        end do
+        conn
+        |> LegacyAuthenticationPlug.call(%{})
+      end
 
+    assert_received :reset_password
     assert conn.assigns.user == user
   end