devstack/authorizer
4
0
Fork 0
Code Pull Requests Actions Activity

sha256-fix

Browse Source
This commit is contained in:
Untone 2024-01-05 01:41:52 +03:00
parent be88e231e0
commit 534b5624af
1 changed files with 5 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
server/crypto/common.go
View File

@ -137,24 +137,17 @@ func getSHA256(input string) string {
// VerifyPassword compares a stored hashed password with a user-provided password // VerifyPassword compares a stored hashed password with a user-provided password
func VerifyPassword(storedHashedPassword, userProvidedPassword string) error { func VerifyPassword(storedHashedPassword, userProvidedPassword string) error {
// CompareHashAndPassword returns nil on success // CompareHashAndPassword returns nil on success
err := bcrypt.CompareHashAndPassword([]byte(storedHashedPassword), []byte(userProvidedPassword))
if err != nil {
passwordSHA256 := getSHA256(userProvidedPassword) passwordSHA256 := getSHA256(userProvidedPassword)
err = bcrypt.CompareHashAndPassword([]byte(storedHashedPassword), []byte(passwordSHA256)) err := bcrypt.CompareHashAndPassword([]byte(storedHashedPassword), []byte(passwordSHA256))
}
return err return err
} }
// EncryptPassword is used for encrypting password // EncryptPassword is used for encrypting password
func EncryptPassword(password string) (string, error) { func EncryptPassword(password string) (string, error) {
pw, err := bcrypt.GenerateFromPassword([]byte(password), bcrypt.DefaultCost) passwordSHA256 := getSHA256(password)
if err != nil { pw, err := bcrypt.GenerateFromPassword([]byte(passwordSHA256), bcrypt.DefaultCost)
password = getSHA256(password)
pw, err = bcrypt.GenerateFromPassword([]byte(password), bcrypt.DefaultCost)
if err != nil { if err != nil {
return "", err return "", err
} }
}
return string(pw), nil return string(pw), nil
} }