remove salt from table

This commit is contained in:
jb-alvarado 2023-12-11 11:25:48 +01:00
parent 136875e91d
commit 15f41148df
5 changed files with 4 additions and 12 deletions

View File

@ -163,7 +163,6 @@ pub async fn login(pool: web::Data<Pool<Sqlite>>, credentials: web::Json<User>)
let pass = user.password.clone();
let hash = PasswordHash::new(&pass).unwrap();
user.password = "".into();
user.salt = None;
if Argon2::default()
.verify_password(credentials.password.as_bytes(), &hash)
@ -307,7 +306,7 @@ async fn update_user(
.hash_password(data.password.clone().as_bytes(), &salt)
.unwrap();
fields.push_str(format!("password = '{password_hash}', salt = '{salt}'").as_str());
fields.push_str(format!("password = '{password_hash}'").as_str());
}
if handles::update_user(&pool.into_inner(), *id, fields)

View File

@ -63,7 +63,6 @@ async fn create_schema(conn: &Pool<Sqlite>) -> Result<SqliteQueryResult, sqlx::E
mail TEXT NOT NULL,
username TEXT NOT NULL,
password TEXT NOT NULL,
salt TEXT NOT NULL,
role_id INTEGER NOT NULL DEFAULT 2,
channel_id INTEGER NOT NULL DEFAULT 1,
FOREIGN KEY (role_id) REFERENCES roles (id) ON UPDATE SET NULL ON DELETE SET NULL,
@ -217,7 +216,7 @@ pub async fn select_role(conn: &Pool<Sqlite>, id: &i32) -> Result<Role, sqlx::Er
}
pub async fn select_login(conn: &Pool<Sqlite>, user: &str) -> Result<User, sqlx::Error> {
let query = "SELECT id, mail, username, password, salt, role_id FROM user WHERE username = $1";
let query = "SELECT id, mail, username, password, role_id FROM user WHERE username = $1";
sqlx::query_as(query).bind(user).fetch_one(conn).await
}
@ -249,14 +248,12 @@ pub async fn insert_user(
.hash_password(user.password.clone().as_bytes(), &salt)
.unwrap();
let query =
"INSERT INTO user (mail, username, password, salt, role_id) VALUES($1, $2, $3, $4, $5)";
let query = "INSERT INTO user (mail, username, password, role_id) VALUES($1, $2, $3, $4)";
sqlx::query(query)
.bind(user.mail)
.bind(user.username)
.bind(password_hash.to_string())
.bind(salt.to_string())
.bind(user.role_id)
.execute(conn)
.await

View File

@ -18,9 +18,6 @@ pub struct User {
pub password: String,
#[sqlx(default)]
#[serde(skip_serializing)]
pub salt: Option<String>,
#[sqlx(default)]
#[serde(skip_serializing)]
pub role_id: Option<i32>,
#[sqlx(default)]
#[serde(skip_serializing)]

View File

@ -240,7 +240,6 @@ pub async fn run_args() -> Result<(), i32> {
mail: Some(args.mail.unwrap()),
username: username.clone(),
password: args.password.unwrap(),
salt: None,
role_id: Some(1),
channel_id: Some(1),
token: None,

@ -1 +1 @@
Subproject commit 5102ff8780bbf93b1a78b4e1fa4be0f77f55b03d
Subproject commit e060cbe885a961f295fb4f6f12bc2c86b5f94192