universal-hashing-sha256

2024-01-04 22:15:22 +03:00
parent 3bd3a52d3b
commit 1f3cb1aab9
5 changed files with 31 additions and 7 deletions


@@ -7,13 +7,13 @@ import (
"time"
"github.com/google/uuid"
"golang.org/x/crypto/bcrypt"
log "github.com/sirupsen/logrus"
"github.com/authorizerdev/authorizer/server/authenticators"
"github.com/authorizerdev/authorizer/server/constants"
"github.com/authorizerdev/authorizer/server/cookie"
"github.com/authorizerdev/authorizer/server/crypto"
"github.com/authorizerdev/authorizer/server/db"
"github.com/authorizerdev/authorizer/server/db/models"
mailService "github.com/authorizerdev/authorizer/server/email"
@@ -104,7 +104,7 @@ func LoginResolver(ctx context.Context, params model.LoginInput) (*model.AuthRes
return res, fmt.Errorf(`phone number is not verified`)
}
}
err = bcrypt.CompareHashAndPassword([]byte(*user.Password), []byte(params.Password))
err = crypto.VerifyPassword(*user.Password, params.Password)
if err != nil {
log.Debug("Failed to compare password: ", err)
return res, fmt.Errorf(`bad user credentials`)
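Review bot: The new call `crypto.VerifyPassword(*user.Password, params.Password)` is now the only credential check on this path, and its implementation is not in this section, so nothing here shows that hashes already stored by bcrypt still verify. The commit title suggests SHA-256; if the new scheme is a single-pass or unsalted SHA-256 rather than a pre-hash fed into bcrypt, stored passwords become far cheaper to guess offline after a database leak. Once the behaviour is confirmed, I would add a comment above the call such as `// VerifyPassword accepts legacy bcrypt hashes and the new format; the comparison is constant-time`, and cover both formats with tests in the crypto package. The same substitution appears in MobileLoginResolver and UpdateProfileResolver. LoginResolver's body starts and ends outside the hunk, so any nil check on `user.Password` before the dereference is not visible here.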


@@ -12,6 +12,7 @@ import (
"github.com/authorizerdev/authorizer/server/constants"
"github.com/authorizerdev/authorizer/server/cookie"
"github.com/authorizerdev/authorizer/server/crypto"
"github.com/authorizerdev/authorizer/server/db"
"github.com/authorizerdev/authorizer/server/db/models"
"github.com/authorizerdev/authorizer/server/graph/model"
@@ -69,7 +70,7 @@ func MobileLoginResolver(ctx context.Context, params model.MobileLoginInput) (*m
return res, fmt.Errorf(`phone number is not verified`)
}
err = bcrypt.CompareHashAndPassword([]byte(*user.Password), []byte(params.Password))
err = crypto.VerifyPassword(*user.Password, params.Password)
if err != nil {
log.Debug("Failed to compare password: ", err)
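Review bot: The import hunk `@@ -12,6 +12,7 @@` only adds the `crypto` package, and the second hunk is shifted by exactly one line, so the `golang.org/x/crypto/bcrypt` import that the old call relied on appears to stay in this file. If `bcrypt.CompareHashAndPassword` was its only use, the file no longer compiles ("imported and not used"); drop the import in the same commit, as the LoginResolver file seems to do in its `@@ -7,13 +7,13 @@` hunk. The UpdateProfileResolver hunk starts at line 163 on both sides, so the same check applies there. MobileLoginResolver's body continues outside the hunk.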


@@ -163,7 +163,7 @@ func UpdateProfileResolver(ctx context.Context, params model.UpdateProfileInput)
}
if isPasswordChanging && user.Password != nil && params.OldPassword != nil {
if err = bcrypt.CompareHashAndPassword([]byte(refs.StringValue(user.Password)), []byte(refs.StringValue(params.OldPassword))); err != nil {
if err = crypto.VerifyPassword(refs.StringValue(user.Password), refs.StringValue(params.OldPassword)); err != nil {
log.Debug("Failed to compare hash and old password: ", err)
return res, fmt.Errorf("incorrect old password")
}