Salting and hashing admin creds upon creation

This commit is contained in:
shockrah 2025-03-11 16:51:06 -07:00
parent 503ba812f2
commit 1c9d0a6207

View File

@ -5,7 +5,7 @@ use clap::Parser;
use postgres::{Client, NoTls};
use base64::{engine::general_purpose::URL_SAFE_NO_PAD, Engine as _};
use serde::Serialize;
use argon2::{Argon2, PasswordHasher, password_hash::Salt, PasswordHash};
use argon2::{Argon2, PasswordHasher, password_hash::Salt};
const PASSWORD_LENGTH: usize = 64;
@ -44,8 +44,9 @@ fn random_string(size: usize) -> String {
}
fn salt_and_hash(password: &str) -> String {
let salt = random_string(8);
let salt: Salt = salt.as_str().try_into().unwrap();
// Generates a salted and hashed variation of the given password
let salt_str = random_string(8);
let salt: Salt = salt_str.as_str().try_into().unwrap();
let a2 = Argon2::default();
let hash = a2.hash_password(password.as_bytes(), salt).unwrap();
hash.to_string()
@ -91,9 +92,10 @@ fn full_setup(args: Args) -> Result<Config, postgres::Error> {
client.batch_execute(&setup_tables_script)?;
// Populate the user table with the first user ( owner )
let salted = salt_and_hash(&bubble_admin.password);
client.execute(
"INSERT INTO users (id, username, password) VALUES (gen_random_uuid(), $1, $2)",
&[&bubble_admin.username, &bubble_admin.password]
&[&bubble_admin.username, &salted]
)?;
Ok(Config {
postgres: postgres_admin,