swissmakers_gmbh/wireguard-manager
12
0
Fork 0
mirror of https://github.com/swissmakers/wireguard-manager.git synced 2026-04-11 13:47:05 +02:00
Code Issues Packages Projects Releases Wiki Activity

Add support for password hashes as an optional alternative to plaintext passwords (#216)

Browse Source
This commit is contained in:
Marcus Wichelmann
2022-09-30 10:24:54 +02:00
committed by GitHub
parent 29b017f277
commit 2c2db61158
8 changed files with 67 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
handler/routes.go
View File

@@ -51,7 +51,18 @@ func Login(db store.IStore) echo.HandlerFunc {
}
userCorrect := subtle.ConstantTimeCompare([]byte(user.Username), []byte(dbuser.Username)) == 1
passwordCorrect := subtle.ConstantTimeCompare([]byte(user.Password), []byte(dbuser.Password)) == 1
var passwordCorrect bool
if dbuser.PasswordHash != "" {
match, err := util.VerifyHash(dbuser.PasswordHash, user.Password)
if err != nil {
return c.JSON(http.StatusInternalServerError, jsonHTTPResponse{false, "Cannot verify password"})
}
passwordCorrect = match
} else {
passwordCorrect = subtle.ConstantTimeCompare([]byte(user.Password), []byte(dbuser.Password)) == 1
}
if userCorrect && passwordCorrect {
// TODO: refresh the token
sess, _ := session.Get("session", c)