Fall 'kein Hash-Algorithmus angegeben' bei alten Passwörtern richtig behandeln

[kivitendo-erp.git] / sql / Pg-upgrade2-auth / password_hashing.sql

diff --git a/sql/Pg-upgrade2-auth/password_hashing.sql b/sql/Pg-upgrade2-auth/password_hashing.sql
new file mode 100644 (file)
index 0000000..c1db613
--- /dev/null
+++ b/sql/Pg-upgrade2-auth/password_hashing.sql
@@ -0,0 +1,9 @@
+-- @tag: password_hashing
+-- @description: Explicitely set a password hashing algorithm
+-- @depends:
+-- @charset: utf-8
+UPDATE auth."user"
+  SET password = '{CRYPT}' || password
+  WHERE NOT (password IS NULL)
+    AND (password <> '')
+    AND NOT (password LIKE '{%}%');