From 3553c7080ab51cfb33fd571437f891b7b24ff296 Mon Sep 17 00:00:00 2001 From: alemi Date: Mon, 20 Nov 2023 03:01:27 +0100 Subject: [PATCH] fix: hash pwds very basic but better than plaintext --- Cargo.toml | 1 + src/routes/auth.rs | 3 ++- src/routes/register.rs | 4 +++- 3 files changed, 6 insertions(+), 2 deletions(-) diff --git a/Cargo.toml b/Cargo.toml index de5ab66..9429b53 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -21,3 +21,4 @@ tracing = "0.1" jwt = "0.16" sha2 = "0.10" hmac = "0.12" +sha256 = "1.4.0" diff --git a/src/routes/auth.rs b/src/routes/auth.rs index acbba17..0375ad2 100644 --- a/src/routes/auth.rs +++ b/src/routes/auth.rs @@ -77,7 +77,8 @@ pub async fn authenticate(State(state): State, Json(payload): Json, Json(payload): J let name = profile.name.clone(); let uuid = profile.id; + let pwd_hash = sha256::digest(payload.password); + entities::user::Entity::insert( entities::user::ActiveModel { id: NotSet, name: Set(name), email: Set(user.username), - password: Set(payload.password), + password: Set(pwd_hash), uuid: Set(uuid), } ).exec(&state.db).await