Change to synchronous password hashing.

2025-02-14 21:10:34 +01:00 · 2021-05-23 17:29:27 -07:00 · 2021-05-23 17:29:27 -07:00 · b2d04c00ac
commit b2d04c00ac
parent 756beb2cf5
5 changed files with 12 additions and 12 deletions
--- a/lib/crypto.js
+++ b/lib/crypto.js
@ -39,11 +39,11 @@ export function getRandomChars(n) {
  return s;
 }
-export async function hashPassword(password) {
+export function hashPassword(password) {
  return bcrypt.hashSync(password, SALT_ROUNDS);
 }
-export async function checkPassword(password, hash) {
+export function checkPassword(password, hash) {
  return bcrypt.compareSync(password, hash);
 }
--- a/pages/api/account/index.js
+++ b/pages/api/account/index.js
@ -18,7 +18,7 @@ export default async (req, res) => {
        const data = {};
        if (password) {
-          data.password = await hashPassword(password);
+          data.password = hashPassword(password);
        }
        // Only admin can change these fields
@ -51,7 +51,7 @@ export default async (req, res) => {
        return badRequest(res, 'Account already exists');
      }
-      const created = await createAccount({ username, password: await hashPassword(password) });
+      const created = await createAccount({ username, password: hashPassword(password) });
      return ok(res, created);
    }
--- a/pages/api/account/password.js
+++ b/pages/api/account/password.js
@ -15,13 +15,13 @@ export default async (req, res) => {
  if (req.method === 'POST') {
    const account = await getAccountById(user_id);
-    const valid = await checkPassword(current_password, account.password);
+    const valid = checkPassword(current_password, account.password);
    if (!valid) {
      return badRequest(res, 'Current password is incorrect');
    }
-    const password = await hashPassword(new_password);
+    const password = hashPassword(new_password);
    const updated = await updateAccount(user_id, { password });
--- a/prisma/seed.js
+++ b/prisma/seed.js
@ -1,14 +1,14 @@
-const bcrypt = require('bcrypt');
+const bcrypt = require('bcryptjs');
 const { PrismaClient } = require('@prisma/client');
 const prisma = new PrismaClient();
 const SALT_ROUNDS = 10;
 const hashPassword = password => {
-  return bcrypt.hash(password, SALT_ROUNDS);
+  return bcrypt.hashSync(password, SALT_ROUNDS);
 };
 async function main() {
-  const password = await hashPassword(process.env.ADMIN_PASSWORD || 'umami');
+  const password = hashPassword(process.env.ADMIN_PASSWORD || 'umami');
  await prisma.account.upsert({
    where: { username: 'admin' },
    update: {},
--- a/scripts/change-password.js
+++ b/scripts/change-password.js
@ -1,5 +1,5 @@
 require('dotenv').config();
-const bcrypt = require('bcrypt');
+const bcrypt = require('bcryptjs');
 const chalk = require('chalk');
 const prompts = require('prompts');
 const { PrismaClient } = require('@prisma/client');
@ -25,11 +25,11 @@ const updateAccountByUsername = (username, data) => {
 };
 const hashPassword = password => {
-  return bcrypt.hash(password, SALT_ROUNDS);
+  return bcrypt.hashSync(password, SALT_ROUNDS);
 };
 const changePassword = async (username, newPassword) => {
-  const password = await hashPassword(newPassword);
+  const password = hashPassword(newPassword);
  return updateAccountByUsername(username, { password });
 };