sha256-fix

server/crypto/common.go

@@ -137,24 +137,17 @@ func getSHA256(input string) string {
 // VerifyPassword compares a stored hashed password with a user-provided password
 func VerifyPassword(storedHashedPassword, userProvidedPassword string) error {
 	// CompareHashAndPassword returns nil on success
-	err := bcrypt.CompareHashAndPassword([]byte(storedHashedPassword), []byte(userProvidedPassword))
-	if err != nil {
-		passwordSHA256 := getSHA256(userProvidedPassword)
-		err = bcrypt.CompareHashAndPassword([]byte(storedHashedPassword), []byte(passwordSHA256))
-	}
+	passwordSHA256 := getSHA256(userProvidedPassword)
+	err := bcrypt.CompareHashAndPassword([]byte(storedHashedPassword), []byte(passwordSHA256))
 	return err
 }
 
 // EncryptPassword is used for encrypting password
 func EncryptPassword(password string) (string, error) {
-	pw, err := bcrypt.GenerateFromPassword([]byte(password), bcrypt.DefaultCost)
+	passwordSHA256 := getSHA256(password)
+	pw, err := bcrypt.GenerateFromPassword([]byte(passwordSHA256), bcrypt.DefaultCost)
 	if err != nil {
-		password = getSHA256(password)
-		pw, err = bcrypt.GenerateFromPassword([]byte(password), bcrypt.DefaultCost)
-		if err != nil {
-			return "", err
-		}
+		return "", err
 	}
-
 	return string(pw), nil
 }