Mizah/mizzkey
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

chore(backend): Add comments about password rehashing

Browse source
This commit is contained in:
Shun Sakai 2024-10-24 19:54:29 +09:00 committed by GitHub
parent b2dc13b751
commit 867762f88b
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
1 changed files with 4 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

4
packages/backend/src/server/api/SigninApiService.ts
View file

@ -205,7 +205,9 @@ export class SigninApiService {
}
if (same) {
// Check if the password is still hashed using bcrypt
if (profile.password!.startsWith('$2')) {
// Rehash the password using Argon2
const newHash = await argon2.hash(password);
this.userProfilesRepository.update(user.id, {
password: newHash,
@ -227,7 +229,9 @@ export class SigninApiService {
}
try {
// Check if the password is still hashed using bcrypt
if (profile.password!.startsWith('$2')) {
// Rehash the password using Argon2
const newHash = await argon2.hash(password);
this.userProfilesRepository.update(user.id, {
password: newHash,