authorChristopher Speller <crspeller@gmail.com>2017-05-04 16:36:51 -0400
committerJoram Wilander <jwawilander@gmail.com>2017-05-04 16:36:51 -0400
commit010ec23af38c7c15f133f9327685b9813efb3e43 (patch)
treecd86c34e7ceb9a64a900a6bb00045214d43d17f6
parentfe95276ba849bc7a520087369eea0aaff6c92358 (diff)
Removing password reset salt (#6334)
-rw-r--r--api/admin_test.go3
-rw-r--r--api4/system_test.go3
-rw-r--r--config/config.json1
-rw-r--r--model/config.go10
-rw-r--r--utils/config.go5
-rw-r--r--webapp/components/admin_console/password_settings.jsx32
6 files changed, 3 insertions, 51 deletions
diff --git a/api/admin_test.go b/api/admin_test.go
index ae7259863..cbbf10fdd 100644
--- a/api/admin_test.go
+++ b/api/admin_test.go
@@ -81,9 +81,6 @@ func TestGetConfig(t *testing.T) {
if cfg.EmailSettings.InviteSalt != model.FAKE_SETTING {
t.Fatal("did not sanitize properly")
}
- if cfg.EmailSettings.PasswordResetSalt != model.FAKE_SETTING {
- t.Fatal("did not sanitize properly")
- }
if cfg.EmailSettings.SMTPPassword != model.FAKE_SETTING && len(cfg.EmailSettings.SMTPPassword) != 0 {
t.Fatal("did not sanitize properly")
}
diff --git a/api4/system_test.go b/api4/system_test.go
index 62a2a6443..a6b12d326 100644
--- a/api4/system_test.go
+++ b/api4/system_test.go
@@ -49,9 +49,6 @@ func TestGetConfig(t *testing.T) {
if cfg.EmailSettings.InviteSalt != model.FAKE_SETTING {
t.Fatal("did not sanitize properly")
}
- if cfg.EmailSettings.PasswordResetSalt != model.FAKE_SETTING {
- t.Fatal("did not sanitize properly")
- }
if cfg.EmailSettings.SMTPPassword != model.FAKE_SETTING && len(cfg.EmailSettings.SMTPPassword) != 0 {
t.Fatal("did not sanitize properly")
}
diff --git a/config/config.json b/config/config.json
index 352fa0fbf..081616da8 100644
--- a/config/config.json
+++ b/config/config.json
@@ -132,7 +132,6 @@
"SMTPPort": "2500",
"ConnectionSecurity": "",
"InviteSalt": "",
- "PasswordResetSalt": "",
"SendPushNotifications": false,
"PushNotificationServer": "",
"PushNotificationContents": "generic",
diff --git a/model/config.go b/model/config.go
index 3015b3324..706d07246 100644
--- a/model/config.go
+++ b/model/config.go
@@ -250,7 +250,6 @@ type EmailSettings struct {
SMTPPort string
ConnectionSecurity string
InviteSalt string
- PasswordResetSalt string
SendPushNotifications *bool
PushNotificationServer *string
PushNotificationContents *string
@@ -503,10 +502,6 @@ func (o *Config) SetDefaults() {
o.EmailSettings.InviteSalt = NewRandomString(32)
}
- if len(o.EmailSettings.PasswordResetSalt) == 0 {
- o.EmailSettings.PasswordResetSalt = NewRandomString(32)
- }
-
if o.ServiceSettings.SiteURL == nil {
o.ServiceSettings.SiteURL = new(string)
*o.ServiceSettings.SiteURL = SERVICE_SETTINGS_DEFAULT_SITE_URL
@@ -1288,10 +1283,6 @@ func (o *Config) IsValid() *AppError {
return NewLocAppError("Config.IsValid", "model.config.is_valid.email_salt.app_error", nil, "")
}
- if len(o.EmailSettings.PasswordResetSalt) < 32 {
- return NewLocAppError("Config.IsValid", "model.config.is_valid.email_reset_salt.app_error", nil, "")
- }
-
if *o.EmailSettings.EmailBatchingBufferSize <= 0 {
return NewLocAppError("Config.IsValid", "model.config.is_valid.email_batching_buffer_size.app_error", nil, "")
}
@@ -1438,7 +1429,6 @@ func (o *Config) Sanitize() {
}
o.EmailSettings.InviteSalt = FAKE_SETTING
- o.EmailSettings.PasswordResetSalt = FAKE_SETTING
if len(o.EmailSettings.SMTPPassword) > 0 {
o.EmailSettings.SMTPPassword = FAKE_SETTING
}
diff --git a/utils/config.go b/utils/config.go
index 25d222f3a..8da08245a 100644
--- a/utils/config.go
+++ b/utils/config.go
@@ -288,7 +288,7 @@ func LoadConfig(fileName string) {
CfgFileName = viper.ConfigFileUsed()
needSave := len(config.SqlSettings.AtRestEncryptKey) == 0 || len(*config.FileSettings.PublicLinkSalt) == 0 ||
- len(config.EmailSettings.InviteSalt) == 0 || len(config.EmailSettings.PasswordResetSalt) == 0
+ len(config.EmailSettings.InviteSalt) == 0
config.SetDefaults()
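Review bot: The `needSave` expression still dereferences `*config.FileSettings.PublicLinkSalt` before `config.SetDefaults()` runs, so a config file that omits that key would panic at startup if the pointer is nil at this point; whether the loader pre-populates it is not visible in this hunk. Since the condition is being edited anyway, a nil guard is cheap: `config.FileSettings.PublicLinkSalt == nil || len(*config.FileSettings.PublicLinkSalt) == 0 ||`. The list of secrets checked here has to stay in step with what SetDefaults generates, so a one-line comment above it naming the three remaining values (AtRestEncryptKey, PublicLinkSalt, InviteSalt) would help the next edit. LoadConfig's body starts and ends outside the hunk.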
@@ -542,9 +542,6 @@ func Desanitize(cfg *model.Config) {
if cfg.EmailSettings.InviteSalt == model.FAKE_SETTING {
cfg.EmailSettings.InviteSalt = Cfg.EmailSettings.InviteSalt
}
- if cfg.EmailSettings.PasswordResetSalt == model.FAKE_SETTING {
- cfg.EmailSettings.PasswordResetSalt = Cfg.EmailSettings.PasswordResetSalt
- }
if cfg.EmailSettings.SMTPPassword == model.FAKE_SETTING {
cfg.EmailSettings.SMTPPassword = Cfg.EmailSettings.SMTPPassword
}
diff --git a/webapp/components/admin_console/password_settings.jsx b/webapp/components/admin_console/password_settings.jsx
index 68506fcfe..1e12d5941 100644
--- a/webapp/components/admin_console/password_settings.jsx
+++ b/webapp/components/admin_console/password_settings.jsx
@@ -9,7 +9,6 @@ import TextSetting from './text_setting.jsx';
import Setting from './setting.jsx';
import * as Utils from 'utils/utils.jsx';
import Constants from 'utils/constants.jsx';
-import GeneratedSetting from './generated_setting.jsx';
export default class PasswordSettings extends AdminSettings {
constructor(props) {
@@ -30,8 +29,7 @@ export default class PasswordSettings extends AdminSettings {
passwordNumber: props.config.PasswordSettings.Number,
passwordUppercase: props.config.PasswordSettings.Uppercase,
passwordSymbol: props.config.PasswordSettings.Symbol,
- maximumLoginAttempts: props.config.ServiceSettings.MaximumLoginAttempts,
- passwordResetSalt: props.config.EmailSettings.PasswordResetSalt
+ maximumLoginAttempts: props.config.ServiceSettings.MaximumLoginAttempts
});
// Update sample message from config settings
@@ -73,7 +71,6 @@ export default class PasswordSettings extends AdminSettings {
}
config.ServiceSettings.MaximumLoginAttempts = this.parseIntNonZero(this.state.maximumLoginAttempts);
- config.EmailSettings.PasswordResetSalt = this.state.passwordResetSalt;
return config;
}
@@ -85,8 +82,7 @@ export default class PasswordSettings extends AdminSettings {
passwordNumber: config.PasswordSettings.Number,
passwordUppercase: config.PasswordSettings.Uppercase,
passwordSymbol: config.PasswordSettings.Symbol,
- maximumLoginAttempts: config.ServiceSettings.MaximumLoginAttempts,
- passwordResetSalt: config.EmailSettings.PasswordResetSalt
+ maximumLoginAttempts: config.ServiceSettings.MaximumLoginAttempts
};
}
@@ -261,30 +257,6 @@ export default class PasswordSettings extends AdminSettings {
return (
<SettingsGroup>
{passwordSettings}
- <GeneratedSetting
- id='passwordResetSalt'
- label={
- <FormattedMessage
- id='admin.email.passwordSaltTitle'
- defaultMessage='Password Reset Salt:'
- />
- }
- helpText={
- <FormattedMessage
- id='admin.email.passwordSaltDescription'
- defaultMessage='32-character salt added to signing of password reset emails. Randomly generated on install. Click "Regenerate" to create new salt.'
- />
- }
- value={this.state.passwordResetSalt}
- onChange={this.handleChange}
- disabled={this.state.sendEmailNotifications}
- disabledText={
- <FormattedMessage
- id='admin.security.passwordResetSalt.disabled'
- defaultMessage='Password reset salt cannot be changed while sending emails is disabled.'
- />
- }
- />
<TextSetting
id='maximumLoginAttempts'
label={