From 882fb8eca544c3d87a8634b931df6a4f77b5bd20 Mon Sep 17 00:00:00 2001
From: Matteo Piovanelli <MatteoPiovanelli-Laser@users.noreply.github.com>
Date: Fri, 21 Apr 2023 08:52:29 +0200
Subject: [PATCH] Restored ability to automatically migrate hashing algorithm
 (#8672)

---
 .../Modules/Orchard.Users/Services/MembershipService.cs    | 3 ++-
 .../Modules/Orchard.Users/Services/PasswordService.cs      | 7 +++++++
 src/Orchard/Security/PasswordContext.cs                    | 6 ++++++
 3 files changed, 15 insertions(+), 1 deletion(-)

diff --git a/src/Orchard.Web/Modules/Orchard.Users/Services/MembershipService.cs b/src/Orchard.Web/Modules/Orchard.Users/Services/MembershipService.cs
index 8b7f4161c..fdccf1015 100644
--- a/src/Orchard.Web/Modules/Orchard.Users/Services/MembershipService.cs
+++ b/src/Orchard.Web/Modules/Orchard.Users/Services/MembershipService.cs
@@ -150,7 +150,8 @@ namespace Orchard.Users.Services {
                 Password = user.Password,
                 HashAlgorithm = user.HashAlgorithm,
                 PasswordFormat = user.PasswordFormat,
-                PasswordSalt = user.PasswordSalt
+                PasswordSalt = user.PasswordSalt,
+                User = user
             }, password)) {
                 validationErrors.Add(T("The username or e-mail or password provided is incorrect."));
                 return null;
diff --git a/src/Orchard.Web/Modules/Orchard.Users/Services/PasswordService.cs b/src/Orchard.Web/Modules/Orchard.Users/Services/PasswordService.cs
index 3094417b1..a7d20faf4 100644
--- a/src/Orchard.Web/Modules/Orchard.Users/Services/PasswordService.cs
+++ b/src/Orchard.Web/Modules/Orchard.Users/Services/PasswordService.cs
@@ -8,6 +8,7 @@ using System.Web.Helpers;
 using System.Web.Security;
 using Orchard.Environment.Configuration;
 using Orchard.Security;
+using Orchard.Users.Models;
 
 namespace Orchard.Users.Services {
     public class PasswordService : IPasswordService {
@@ -56,6 +57,12 @@ namespace Orchard.Users.Services {
                 if (String.IsNullOrEmpty(keepOldConfiguration) || keepOldConfiguration.Equals("false", StringComparison.OrdinalIgnoreCase)) {
                     context.HashAlgorithm = DefaultHashAlgorithm;
                     context.Password = PasswordExtensions.ComputeHashBase64(context.HashAlgorithm, saltBytes, plaintextPassword);
+                    // Actually persist the migration of the algorithm
+                    var pwdUser = context.User as UserPart;
+                    if (pwdUser != null) {
+                        pwdUser.HashAlgorithm = context.HashAlgorithm;
+                        pwdUser.Password = context.Password;
+                    }
                 }
             }
 
diff --git a/src/Orchard/Security/PasswordContext.cs b/src/Orchard/Security/PasswordContext.cs
index 634399a41..211409e76 100644
--- a/src/Orchard/Security/PasswordContext.cs
+++ b/src/Orchard/Security/PasswordContext.cs
@@ -9,5 +9,11 @@ namespace Orchard.Security {
         public string PasswordSalt { get; set; }
         public string HashAlgorithm { get; set; }
         public MembershipPasswordFormat PasswordFormat { get; set; }
+
+        // In some rare cases, it's important to carry information about a user
+        // this password belongs to. A practical example is when we have to force
+        // an upgrade of the hashing/encryption scheme used for the password, and
+        // store corresponding information.
+        public IUser User { get; set; }
     }
 }
\ No newline at end of file