Fixed password hash and added salt to hash

This commit is contained in:
Nathan Anderson 2023-08-04 20:06:49 -06:00
parent 7abe33ecaa
commit e1906dd9a8
2 changed files with 14 additions and 9 deletions

View File

@ -42,7 +42,7 @@ pub fn login(req: *httpz.Request, res: *httpz.Response) !void {
}
var user: ?models.User = null;
const password_hash = utils.hashPassword(body.password);
const password_hash = try utils.hashPassword(allocator, body.password);
if (body.username != null) {
const query =
"WHERE pass_hash = ? and username = ?;";
@ -107,7 +107,7 @@ pub fn signup(req: *httpz.Request, res: *httpz.Response) !void {
// return;
// }
const password_hash = @truncate(u32, std.hash.Wyhash.hash(auth.HASH_SEED, body.password));
const password_hash = try utils.hashPassword(allocator, body.password);
const now = @bitCast(u64, std.time.milliTimestamp());
const uname_query =

View File

@ -1,6 +1,7 @@
const std = @import("std");
const HASH_SEED: u64 = 6065983110;
const HASH_SALT: []const u8 = "ZnNLSRbY12DpPeMaPooKhOsxk7Qq325a2KF8EoIIeOaEz";
fn SpreadResult(comptime Base: type, comptime Additional: type) type {
comptime {
@ -125,8 +126,9 @@ pub fn generateRandomString(allocator: std.mem.Allocator) ![]const u8 {
return code;
}
pub fn hashPassword(password: []const u8) u32 {
const password_hash = @truncate(u32, std.hash.Wyhash.hash(HASH_SEED, password));
pub fn hashPassword(allocator: std.mem.Allocator, password: []const u8) !u32 {
const salted_password = try std.mem.concat(allocator, u8, &[_][]const u8{ password, HASH_SALT });
const password_hash = @truncate(u32, std.hash.Wyhash.hash(HASH_SEED, salted_password));
return password_hash;
}
@ -135,13 +137,16 @@ test {
// const data = structConcatFields(vote, .{ .id2 = vote.id });
// std.log.err("\n{any}\n", .{data});
const user = .{ .id = 0, .createdAt = 2, .other = 3, .key = 4 };
const date = removeStructFields(user, &[_]u8{4});
std.debug.print("\n{any}\n", .{date});
// const user = .{ .id = 0, .createdAt = 2, .other = 3, .key = 4 };
// const date = removeStructFields(user, &[_]u8{4});
// std.debug.print("\n{any}\n", .{date});
var gpa = std.testing.allocator_instance;
// _ = gpa;
var allocator = gpa.allocator();
// _ = allocator;
const code = try generateRandomString(allocator);
std.debug.print("\nGot {s}\n", .{code});
// const code = try generateRandomString(allocator);
const hash = try hashPassword(allocator, "password");
std.debug.print("\nGot {}\n", .{hash});
}