dan/Portfolio
1
0
Fork 0
mirror of https://github.com/danbulant/Portfolio synced 2026-05-27 05:51:56 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

feat: use random salt for argon2, better security

Browse source
This commit is contained in:
EETagent 2022-10-28 15:02:59 +02:00
parent 7b53891007
commit 9fd161b0e8
1 changed files with 8 additions and 6 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

14
core/src/crypto.rs
View file

@ -35,14 +35,16 @@ pub async fn hash_password(
let hash = tokio::task::spawn_blocking(move || { let hash = tokio::task::spawn_blocking(move || {
let password = password_plain_text.as_bytes(); let password = password_plain_text.as_bytes();
let salt = "c2VjcmV0bHl0ZXN0aW5nZXZlcnl0aGluZw";
let encrypted = argon_config.hash_password(password, salt); let salt_str = argon2::password_hash::SaltString::generate(rand::thread_rng());
encrypted let salt = salt_str.as_salt();
})
.await??;
return Ok(hash.to_string()); return argon_config.hash_password(password, &salt).map(|x| x.serialize().to_string());
});
let hash_string = hash.await??;
return Ok(hash_string);
} }
// TODO: No unwrap for spawn_blocking // TODO: No unwrap for spawn_blocking