sha256 hash password. (#60)

2024-07-24 14:40:50 +12:00 · 2023-11-19 15:31:18 +01:00
parent 9d1ea87128
commit d9bcde3331
3 changed files with 22 additions and 6 deletions
--- a/internal/member/file/provider.go
+++ b/internal/member/file/provider.go
@ -1,6 +1,7 @@
 package file

 import (
+	"crypto/sha256"
 	"encoding/json"
 	"io"
 	"os"
@ -18,6 +19,17 @@ type MemberProviderCtx struct {
 	config Config
 }

+func (provider *MemberProviderCtx) hash(password string) string {
+	// if hash is disabled, return password as plain text
+	if !provider.config.Hash {
+		return password
+	}
+
+	sha256 := sha256.New()
+	sha256.Write([]byte(password))
+	return string(sha256.Sum(nil))
+}
+
 func (provider *MemberProviderCtx) Connect() error {
 	return nil
 }
@ -35,8 +47,7 @@ func (provider *MemberProviderCtx) Authenticate(username string, password string
 		return "", types.MemberProfile{}, err
 	}

-	// TODO: Use hash function.
-	if entry.Password != password {
+	if entry.Password != provider.hash(password) {
 		return "", types.MemberProfile{}, types.ErrMemberInvalidPassword
 	}

@ -58,8 +69,7 @@ func (provider *MemberProviderCtx) Insert(username string, password string, prof
 	}

 	entries[id] = MemberEntry{
-		// TODO: Use hash function.
-		Password: password,
+		Password: provider.hash(password),
 		Profile:  profile,
 	}

@ -94,8 +104,7 @@ func (provider *MemberProviderCtx) UpdatePassword(id string, password string) er
 		return types.ErrMemberDoesNotExist
 	}

-	// TODO: Use hash function.
-	entry.Password = password
+	entry.Password = provider.hash(password)
 	entries[id] = entry

 	return provider.serialize(entries)
--- a/internal/member/file/types.go
+++ b/internal/member/file/types.go
@ -11,4 +11,5 @@ type MemberEntry struct {

 type Config struct {
 	Path string
+	Hash bool
 }