fix: hash pwds
very basic but better than plaintext
This commit is contained in:
parent
508569c90e
commit
3553c7080a
3 changed files with 6 additions and 2 deletions
|
@ -21,3 +21,4 @@ tracing = "0.1"
|
||||||
jwt = "0.16"
|
jwt = "0.16"
|
||||||
sha2 = "0.10"
|
sha2 = "0.10"
|
||||||
hmac = "0.12"
|
hmac = "0.12"
|
||||||
|
sha256 = "1.4.0"
|
||||||
|
|
|
@ -77,7 +77,8 @@ pub async fn authenticate(State(state): State<AppState>, Json(payload): Json<pro
|
||||||
.map_err(|_| (StatusCode::INTERNAL_SERVER_ERROR, proto::Error::simple("db error").json()))?;
|
.map_err(|_| (StatusCode::INTERNAL_SERVER_ERROR, proto::Error::simple("db error").json()))?;
|
||||||
|
|
||||||
if let Some(u) = user {
|
if let Some(u) = user {
|
||||||
if payload.password == u.password {
|
let pwd_hash = sha256::digest(payload.password);
|
||||||
|
if pwd_hash == u.password {
|
||||||
let s = entities::property::Entity::find().filter(
|
let s = entities::property::Entity::find().filter(
|
||||||
entities::property::Column::UserId.eq(u.id)
|
entities::property::Column::UserId.eq(u.id)
|
||||||
).one(&state.db).await.map_err(|_| (StatusCode::INTERNAL_SERVER_ERROR, proto::Error::simple("db error").json()))?;
|
).one(&state.db).await.map_err(|_| (StatusCode::INTERNAL_SERVER_ERROR, proto::Error::simple("db error").json()))?;
|
||||||
|
|
|
@ -35,12 +35,14 @@ pub async fn register_unmigrated(State(state): State<AppState>, Json(payload): J
|
||||||
let name = profile.name.clone();
|
let name = profile.name.clone();
|
||||||
let uuid = profile.id;
|
let uuid = profile.id;
|
||||||
|
|
||||||
|
let pwd_hash = sha256::digest(payload.password);
|
||||||
|
|
||||||
entities::user::Entity::insert(
|
entities::user::Entity::insert(
|
||||||
entities::user::ActiveModel {
|
entities::user::ActiveModel {
|
||||||
id: NotSet,
|
id: NotSet,
|
||||||
name: Set(name),
|
name: Set(name),
|
||||||
email: Set(user.username),
|
email: Set(user.username),
|
||||||
password: Set(payload.password),
|
password: Set(pwd_hash),
|
||||||
uuid: Set(uuid),
|
uuid: Set(uuid),
|
||||||
}
|
}
|
||||||
).exec(&state.db).await
|
).exec(&state.db).await
|
||||||
|
|
Loading…
Reference in a new issue