hash passwords with argon
parent
ac1c466866
commit
2e3750121a
3 changed files with 48 additions and 2 deletions
33
Cargo.lock
generated
33
Cargo.lock
generated
|
@ -125,6 +125,18 @@ dependencies = [
|
||||||
"windows-sys 0.59.0",
|
"windows-sys 0.59.0",
|
||||||
]
|
]
|
||||||
|
|
||||||
|
[[package]]
|
||||||
|
name = "argon2"
|
||||||
|
version = "0.5.3"
|
||||||
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||||
|
checksum = "3c3610892ee6e0cbce8ae2700349fcf8f98adb0dbfbee85aec3c9179d29cc072"
|
||||||
|
dependencies = [
|
||||||
|
"base64ct",
|
||||||
|
"blake2",
|
||||||
|
"cpufeatures",
|
||||||
|
"password-hash",
|
||||||
|
]
|
||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
name = "arrayvec"
|
name = "arrayvec"
|
||||||
version = "0.7.6"
|
version = "0.7.6"
|
||||||
|
@ -456,6 +468,15 @@ dependencies = [
|
||||||
"wyz",
|
"wyz",
|
||||||
]
|
]
|
||||||
|
|
||||||
|
[[package]]
|
||||||
|
name = "blake2"
|
||||||
|
version = "0.10.6"
|
||||||
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||||
|
checksum = "46502ad458c9a52b69d4d4d32775c788b7a1b85e8bc9d482d92250fc0e3f8efe"
|
||||||
|
dependencies = [
|
||||||
|
"digest",
|
||||||
|
]
|
||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
name = "block-buffer"
|
name = "block-buffer"
|
||||||
version = "0.10.4"
|
version = "0.10.4"
|
||||||
|
@ -1429,6 +1450,7 @@ dependencies = [
|
||||||
name = "mailauth"
|
name = "mailauth"
|
||||||
version = "0.1.0"
|
version = "0.1.0"
|
||||||
dependencies = [
|
dependencies = [
|
||||||
|
"argon2",
|
||||||
"axum",
|
"axum",
|
||||||
"axum-extra",
|
"axum-extra",
|
||||||
"dotenvy",
|
"dotenvy",
|
||||||
|
@ -1736,6 +1758,17 @@ dependencies = [
|
||||||
"windows-targets 0.52.6",
|
"windows-targets 0.52.6",
|
||||||
]
|
]
|
||||||
|
|
||||||
|
[[package]]
|
||||||
|
name = "password-hash"
|
||||||
|
version = "0.5.0"
|
||||||
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||||
|
checksum = "346f04948ba92c43e8469c1ee6736c7563d71012b17d40745260fe106aac2166"
|
||||||
|
dependencies = [
|
||||||
|
"base64ct",
|
||||||
|
"rand_core",
|
||||||
|
"subtle",
|
||||||
|
]
|
||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
name = "paste"
|
name = "paste"
|
||||||
version = "1.0.15"
|
version = "1.0.15"
|
||||||
|
|
|
@ -36,3 +36,4 @@ sea-orm = { version = "1.1.0", features = [ "sqlx-sqlite", "runtime-tokio-native
|
||||||
migration = { path = "migration" }
|
migration = { path = "migration" }
|
||||||
minijinja = "2.4.0"
|
minijinja = "2.4.0"
|
||||||
thiserror = "2.0.3"
|
thiserror = "2.0.3"
|
||||||
|
argon2 = {version = "0.5.3", features = ["password-hash"]}
|
||||||
|
|
|
@ -1,5 +1,9 @@
|
||||||
|
use argon2::password_hash::SaltString;
|
||||||
|
use argon2::{Argon2, PasswordHasher};
|
||||||
use axum::Form;
|
use axum::Form;
|
||||||
use axum::{extract::State, Extension};
|
use axum::{extract::State, Extension};
|
||||||
|
use rand::rngs::OsRng;
|
||||||
|
use reqwest::StatusCode;
|
||||||
use sea_orm::{ActiveModelTrait, ActiveValue, ColumnTrait, EntityTrait, QueryFilter};
|
use sea_orm::{ActiveModelTrait, ActiveValue, ColumnTrait, EntityTrait, QueryFilter};
|
||||||
use serde::{Deserialize, Serialize};
|
use serde::{Deserialize, Serialize};
|
||||||
|
|
||||||
|
@ -22,16 +26,24 @@ pub async fn update_password(
|
||||||
.one(&state.conn)
|
.one(&state.conn)
|
||||||
.await?;
|
.await?;
|
||||||
|
|
||||||
|
let salt = SaltString::generate(&mut OsRng);
|
||||||
|
let password = Argon2::default()
|
||||||
|
.hash_password(form.password.as_ref(), &salt)
|
||||||
|
.map_err(|e| ThisError::Generic {
|
||||||
|
code: StatusCode::INTERNAL_SERVER_ERROR,
|
||||||
|
message: e.to_string(),
|
||||||
|
})?;
|
||||||
|
|
||||||
match user_option {
|
match user_option {
|
||||||
Some(user) => {
|
Some(user) => {
|
||||||
let mut user: user::ActiveModel = user.into();
|
let mut user: user::ActiveModel = user.into();
|
||||||
user.password = ActiveValue::Set(form.password);
|
user.password = ActiveValue::Set(password.to_string());
|
||||||
user.update(&state.conn).await?;
|
user.update(&state.conn).await?;
|
||||||
}
|
}
|
||||||
None => {
|
None => {
|
||||||
let user = user::ActiveModel {
|
let user = user::ActiveModel {
|
||||||
userid: ActiveValue::Set(session.name.to_owned()),
|
userid: ActiveValue::Set(session.name.to_owned()),
|
||||||
password: ActiveValue::Set(form.password),
|
password: ActiveValue::Set(password.to_string()),
|
||||||
..Default::default()
|
..Default::default()
|
||||||
};
|
};
|
||||||
user.insert(&state.conn).await?;
|
user.insert(&state.conn).await?;
|
||||||
|
|
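Review bot: In the second hunk, `Argon2::default().hash_password(...)` runs synchronously inside the async `update_password` handler, so each password change holds a runtime worker thread for the whole memory-hard computation, and a burst of requests can stall unrelated handlers. Moving salt generation and hashing into `tokio::task::spawn_blocking` keeps the executor responsive; this assumes tokio is a direct dependency, which the page does not show. Separately, this commit changes only the write path: rows stored before it still hold the plaintext value, and whatever reads the `password` column must now parse the PHC string and call `verify_password` instead of comparing strings, so both need confirming, as neither is visible here. `message: e.to_string()` may also expose hasher internals to the client if `ThisError::Generic` is rendered into the response. The handler's body starts and ends outside the hunk.

```rust
// … unchanged: user lookup ending in `.one(&state.conn).await?;` …

// Move the plaintext into the blocking task; assumes `form.password` is an
// owned String that nothing after this point still needs — confirm.
let plaintext = form.password;
let password = tokio::task::spawn_blocking(move || {
    let salt = SaltString::generate(&mut OsRng);
    Argon2::default()
        .hash_password(plaintext.as_ref(), &salt)
        // PasswordHash borrows the salt, so render the PHC string before returning.
        .map(|hash| hash.to_string())
})
.await
.map_err(|e| ThisError::Generic {
    code: StatusCode::INTERNAL_SERVER_ERROR,
    message: e.to_string(),
})?
.map_err(|e| ThisError::Generic {
    code: StatusCode::INTERNAL_SERVER_ERROR,
    message: e.to_string(),
})?;

// … unchanged: match user_option { … }; `password` is already a String here …
```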