refactor: use argon2 instead of bcrypt
This uses argon2 instead of bcrypt. Note: this means the hash functions are now async which means we have to refactor a lot of other code around auth.
This commit is contained in:
parent
51f8341959
commit
70197bb2a5
|
@ -1,6 +1,6 @@
|
||||||
import * as cp from "child_process"
|
import * as cp from "child_process"
|
||||||
import * as crypto from "crypto"
|
import * as crypto from "crypto"
|
||||||
import * as bcrypt from "bcrypt"
|
import * as argon2 from "argon2"
|
||||||
import envPaths from "env-paths"
|
import envPaths from "env-paths"
|
||||||
import { promises as fs } from "fs"
|
import { promises as fs } from "fs"
|
||||||
import * as net from "net"
|
import * as net from "net"
|
||||||
|
@ -9,6 +9,7 @@ import * as path from "path"
|
||||||
import * as util from "util"
|
import * as util from "util"
|
||||||
import xdgBasedir from "xdg-basedir"
|
import xdgBasedir from "xdg-basedir"
|
||||||
import safeCompare from "safe-compare"
|
import safeCompare from "safe-compare"
|
||||||
|
import { logger } from "@coder/logger"
|
||||||
|
|
||||||
export interface Paths {
|
export interface Paths {
|
||||||
data: string
|
data: string
|
||||||
|
@ -120,15 +121,25 @@ export const generatePassword = async (length = 24): Promise<string> => {
|
||||||
/**
|
/**
|
||||||
* Used to hash the password.
|
* Used to hash the password.
|
||||||
*/
|
*/
|
||||||
export const hash = (password: string): string => {
|
export const hash = async (password: string): Promise<string> => {
|
||||||
return bcrypt.hashSync(password, 10)
|
try {
|
||||||
|
return await argon2.hash(password)
|
||||||
|
} catch (error) {
|
||||||
|
logger.error(error)
|
||||||
|
return ""
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Used to verify if the password matches the hash
|
* Used to verify if the password matches the hash
|
||||||
*/
|
*/
|
||||||
export const isHashMatch = (password: string, hash: string) => {
|
export const isHashMatch = async (password: string, hash: string) => {
|
||||||
return bcrypt.compareSync(password, hash)
|
try {
|
||||||
|
return await argon2.verify(hash, password)
|
||||||
|
} catch (error) {
|
||||||
|
logger.error(error)
|
||||||
|
return false
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|
Loading…
Reference in New Issue