summaryrefslogtreecommitdiff
path: root/lib/Travelynx
diff options
context:
space:
mode:
authorDaniel Friesel <derf@finalrewind.org>2022-03-07 18:12:43 +0100
committerDaniel Friesel <derf@finalrewind.org>2022-03-07 18:12:43 +0100
commit13b4572a2f58231272c7f40add706d561ecf4855 (patch)
tree4835dc1793969445ae9d4209380bce1b21803e1a /lib/Travelynx
parente2e33de7e1cb82b89cc0b19f9a022787eec98916 (diff)
limit password length to 10000 characters
that should be sufficient…
Diffstat (limited to 'lib/Travelynx')
-rw-r--r--lib/Travelynx/Controller/Account.pm2
1 files changed, 1 insertions, 1 deletions
diff --git a/lib/Travelynx/Controller/Account.pm b/lib/Travelynx/Controller/Account.pm
index 0435d51..97ea8ad 100644
--- a/lib/Travelynx/Controller/Account.pm
+++ b/lib/Travelynx/Controller/Account.pm
@@ -13,7 +13,7 @@ sub hash_password {
my @salt_bytes = map { int( rand(255) ) + 1 } ( 1 .. 16 );
my $salt = en_base64( pack( 'C[16]', @salt_bytes ) );
- return bcrypt( $password, '$2a$12$' . $salt );
+ return bcrypt( substr( $password, 0, 10000 ), '$2a$12$' . $salt );
}
sub make_token {