m/umami
1
0
Fork 0
mirror of https://github.com/kremalicious/umami.git synced 2025-02-01 12:29:35 +01:00
Code Issues Packages Projects Releases Wiki Activity

Change to synchronous password hashing.

Browse Source
This commit is contained in:
Mike Cao 2021-05-23 17:29:27 -07:00
parent 756beb2cf5
commit b2d04c00ac
5 changed files with 12 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
lib/crypto.js
View File

@ -39,11 +39,11 @@ export function getRandomChars(n) {
return s;
}
export async function hashPassword(password) {
export function hashPassword(password) {
return bcrypt.hashSync(password, SALT_ROUNDS);
}
export async function checkPassword(password, hash) {
export function checkPassword(password, hash) {
return bcrypt.compareSync(password, hash);
}

4
pages/api/account/index.js
View File

@ -18,7 +18,7 @@ export default async (req, res) => {
const data = {};
if (password) {
data.password = await hashPassword(password);
data.password = hashPassword(password);
}
// Only admin can change these fields
@ -51,7 +51,7 @@ export default async (req, res) => {
return badRequest(res, 'Account already exists');
}
const created = await createAccount({ username, password: await hashPassword(password) });
const created = await createAccount({ username, password: hashPassword(password) });
return ok(res, created);
}

4
pages/api/account/password.js
View File

@ -15,13 +15,13 @@ export default async (req, res) => {
if (req.method === 'POST') {
const account = await getAccountById(user_id);
const valid = await checkPassword(current_password, account.password);
const valid = checkPassword(current_password, account.password);
if (!valid) {
return badRequest(res, 'Current password is incorrect');
}
const password = await hashPassword(new_password);
const password = hashPassword(new_password);
const updated = await updateAccount(user_id, { password });

6
prisma/seed.js
View File

@ -1,14 +1,14 @@
const bcrypt = require('bcrypt');
const bcrypt = require('bcryptjs');
const { PrismaClient } = require('@prisma/client');
const prisma = new PrismaClient();
const SALT_ROUNDS = 10;
const hashPassword = password => {
return bcrypt.hash(password, SALT_ROUNDS);
return bcrypt.hashSync(password, SALT_ROUNDS);
};
async function main() {
const password = await hashPassword(process.env.ADMIN_PASSWORD || 'umami');
const password = hashPassword(process.env.ADMIN_PASSWORD || 'umami');
await prisma.account.upsert({
where: { username: 'admin' },
update: {},

6
scripts/change-password.js
View File

@ -1,5 +1,5 @@
require('dotenv').config();
const bcrypt = require('bcrypt');
const bcrypt = require('bcryptjs');
const chalk = require('chalk');
const prompts = require('prompts');
const { PrismaClient } = require('@prisma/client');
@ -25,11 +25,11 @@ const updateAccountByUsername = (username, data) => {
};
const hashPassword = password => {
return bcrypt.hash(password, SALT_ROUNDS);
return bcrypt.hashSync(password, SALT_ROUNDS);
};
const changePassword = async (username, newPassword) => {
const password = await hashPassword(newPassword);
const password = hashPassword(newPassword);
return updateAccountByUsername(username, { password });
};