fix: hash pwds
very basic but better than plaintext
This commit is contained in:
parent
508569c90e
commit
3553c7080a
3 changed files with 6 additions and 2 deletions
|
@ -21,3 +21,4 @@ tracing = "0.1"
|
|||
jwt = "0.16"
|
||||
sha2 = "0.10"
|
||||
hmac = "0.12"
|
||||
sha256 = "1.4.0"
|
||||
|
|
|
@ -77,7 +77,8 @@ pub async fn authenticate(State(state): State<AppState>, Json(payload): Json<pro
|
|||
.map_err(|_| (StatusCode::INTERNAL_SERVER_ERROR, proto::Error::simple("db error").json()))?;
|
||||
|
||||
if let Some(u) = user {
|
||||
if payload.password == u.password {
|
||||
let pwd_hash = sha256::digest(payload.password);
|
||||
if pwd_hash == u.password {
|
||||
let s = entities::property::Entity::find().filter(
|
||||
entities::property::Column::UserId.eq(u.id)
|
||||
).one(&state.db).await.map_err(|_| (StatusCode::INTERNAL_SERVER_ERROR, proto::Error::simple("db error").json()))?;
|
||||
|
|
|
@ -35,12 +35,14 @@ pub async fn register_unmigrated(State(state): State<AppState>, Json(payload): J
|
|||
let name = profile.name.clone();
|
||||
let uuid = profile.id;
|
||||
|
||||
let pwd_hash = sha256::digest(payload.password);
|
||||
|
||||
entities::user::Entity::insert(
|
||||
entities::user::ActiveModel {
|
||||
id: NotSet,
|
||||
name: Set(name),
|
||||
email: Set(user.username),
|
||||
password: Set(payload.password),
|
||||
password: Set(pwd_hash),
|
||||
uuid: Set(uuid),
|
||||
}
|
||||
).exec(&state.db).await
|
||||
|
|
Loading…
Reference in a new issue