Salting and hashing admin creds upon creation
This commit is contained in:
parent
503ba812f2
commit
1c9d0a6207
@ -5,7 +5,7 @@ use clap::Parser;
|
||||
use postgres::{Client, NoTls};
|
||||
use base64::{engine::general_purpose::URL_SAFE_NO_PAD, Engine as _};
|
||||
use serde::Serialize;
|
||||
use argon2::{Argon2, PasswordHasher, password_hash::Salt, PasswordHash};
|
||||
use argon2::{Argon2, PasswordHasher, password_hash::Salt};
|
||||
|
||||
|
||||
const PASSWORD_LENGTH: usize = 64;
|
||||
@ -44,8 +44,9 @@ fn random_string(size: usize) -> String {
|
||||
}
|
||||
|
||||
fn salt_and_hash(password: &str) -> String {
|
||||
let salt = random_string(8);
|
||||
let salt: Salt = salt.as_str().try_into().unwrap();
|
||||
// Generates a salted and hashed variation of the given password
|
||||
let salt_str = random_string(8);
|
||||
let salt: Salt = salt_str.as_str().try_into().unwrap();
|
||||
let a2 = Argon2::default();
|
||||
let hash = a2.hash_password(password.as_bytes(), salt).unwrap();
|
||||
hash.to_string()
|
||||
@ -91,9 +92,10 @@ fn full_setup(args: Args) -> Result<Config, postgres::Error> {
|
||||
client.batch_execute(&setup_tables_script)?;
|
||||
|
||||
// Populate the user table with the first user ( owner )
|
||||
let salted = salt_and_hash(&bubble_admin.password);
|
||||
client.execute(
|
||||
"INSERT INTO users (id, username, password) VALUES (gen_random_uuid(), $1, $2)",
|
||||
&[&bubble_admin.username, &bubble_admin.password]
|
||||
&[&bubble_admin.username, &salted]
|
||||
)?;
|
||||
Ok(Config {
|
||||
postgres: postgres_admin,
|
||||
|
Loading…
Reference in New Issue
Block a user