refactor out password hashing in login.post.ts
this will be used to create the first user account in an empty database
parent
bbe0c91d7e
commit
75f809051c
1 changed files with 8 additions and 4 deletions
|
@ -6,6 +6,12 @@ import { isString } from "../utils/isString";
|
|||
import { cookieSettings } from "../utils/rootUtils";
|
||||
import Snowflake from "~/utils/snowflake";
|
||||
|
||||
export function getPasswordHash(password: string) {
|
||||
return crypto.createHmac("sha512", "42")
|
||||
.update(password)
|
||||
.digest();
|
||||
}
|
||||
|
||||
export default defineEventHandler(async (e) => {
|
||||
if (getCookie(e, "token"))
|
||||
throw createError({ statusCode: 501, message: "Case not implemented: logging in while cookie is set" });
|
||||
|
@ -18,12 +24,10 @@ export default defineEventHandler(async (e) => {
|
|||
if (!isString(login)) throw createError({ statusCode: 400, message: "Login is not string." });
|
||||
if (!isString(password)) throw createError({ statusCode: 400, message: "Password is not string." });
|
||||
|
||||
const hashedPassword = crypto.createHmac("sha512", "42")
|
||||
.update(password)
|
||||
.digest("hex");
|
||||
const hashedPassword = getPasswordHash(password);
|
||||
|
||||
const [account] = await database.query(
|
||||
"SELECT CONVERT(`id`, CHAR(32)) AS `id` from `users` WHERE `username` = ? AND LOWER(HEX(`password`)) = ? LIMIT 1",
|
||||
"SELECT CONVERT(`id`, CHAR(32)) AS `id` from `users` WHERE `username` = ? AND `password` = ? LIMIT 1",
|
||||
[login, hashedPassword],
|
||||
)as unknown as data<{id: string}>;
|
||||
|
||||
|
|
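Review bot: `getPasswordHash` keeps the existing scheme, a single HMAC-SHA512 pass keyed with the constant `"42"`, and because the description says it will also create the first account, that scheme becomes the stored format for every credential. It has no per-user salt and no work factor, so identical passwords produce identical rows and a leaked `users` table can be guessed against at raw hash speed. Consider a salted, deliberately slow KDF from the same `crypto` module, as sketched below. The `password` = ? comparison in the second hunk's query would then have to fetch the stored salt and hash by username and compare them in code, which needs a schema change that is not visible here. The handler body continues outside both hunks.

```typescript
// Sketch: salted scrypt in place of the constant-key HMAC.
export function getPasswordHash(password: string, salt: Buffer = crypto.randomBytes(16)) {
  return { salt, hash: crypto.scryptSync(password, salt, 64) };
}

export function verifyPassword(password: string, salt: Buffer, expected: Buffer) {
  const actual = crypto.scryptSync(password, salt, 64);
  // Length check first: timingSafeEqual throws on buffers of different size.
  return actual.length === expected.length && crypto.timingSafeEqual(actual, expected);
}

// … unchanged: defineEventHandler body, input validation …
```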