magmaus3/continuwuity
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Abstract password hashing into util.

Browse source 
Signed-off-by: Jason Volk <jason@zemos.net>
This commit is contained in:
Jason Volk 2024-06-04 23:51:02 +00:00
parent 282c2feca8
commit 732e8b82aa
13 changed files with 92 additions and 64 deletions
Download patch file Download diff file Expand all files Collapse all files

13
src/service/uiaa/mod.rs
View file

@ -2,8 +2,7 @@ mod data;
use std::sync::Arc;
use argon2::{PasswordHash, PasswordVerifier};
use conduit::{utils, Error, Result};
use conduit::{utils, utils::hash, Error, Result};
use data::Data;
use ruma::{
api::client::{
@ -70,15 +69,7 @@ impl Service {
// Check if password is correct
if let Some(hash) = services().users.password_hash(&user_id)? {
let hash_matches = services()
.globals
.argon
.verify_password(
password.as_bytes(),
&PasswordHash::new(&hash).expect("valid hash in database"),
)
.is_ok();
let hash_matches = hash::verify_password(password, &hash).is_ok();
if !hash_matches {
uiaainfo.auth_error = Some(ruma::api::client::error::StandardErrorBody {
kind: ErrorKind::forbidden(),