From 867762f88bffee056a056381a26e710beb875972 Mon Sep 17 00:00:00 2001
From: Shun Sakai
Date: Thu, 24 Oct 2024 19:54:29 +0900
Subject: [PATCH] chore(backend): Add comments about password rehashing
---
 packages/backend/src/server/api/SigninApiService.ts | 4 ++++
 1 file changed, 4 insertions(+)
diff --git a/packages/backend/src/server/api/SigninApiService.ts b/packages/backend/src/server/api/SigninApiService.ts
index 3463954f1b..d8655ca420 100644
--- a/packages/backend/src/server/api/SigninApiService.ts
+++ b/packages/backend/src/server/api/SigninApiService.ts
@@ -205,7 +205,9 @@ export class SigninApiService {
 }
 if (same) {
+ // Check if the password is still hashed using bcrypt
 if (profile.password!.startsWith('$2')) {
+ // Rehash the password using Argon2
 const newHash = await argon2.hash(password);
 this.userProfilesRepository.update(user.id, {
 password: newHash,
@@ -227,7 +229,9 @@ export class SigninApiService {
 }
 try {
+ // Check if the password is still hashed using bcrypt
 if (profile.password!.startsWith('$2')) {
+ // Rehash the password using Argon2
 const newHash = await argon2.hash(password);
 this.userProfilesRepository.update(user.id, {
 password: newHash,
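Review bot: The `this.userProfilesRepository.update(user.id, {` call under the new "Rehash" comment has no `await` in front of it, unlike `argon2.hash(password)` on the line before, so as far as the hunk shows a failed write would leave the bcrypt hash in place without the sign-in path noticing. The statement is cut off at the end of the hunk, so a chained `.catch()` cannot be ruled out; if there is none, `await this.userProfilesRepository.update(user.id, {` or an explicit logged catch would make a failed migration visible. The same applies to the identical block in the second hunk. The added comments would also be more useful if they said why the rehash happens here, e.g. `// Legacy bcrypt hash ('$2' prefix): the plaintext is only available at sign-in, so migrate to Argon2 now`.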
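Review bot: Nothing in this hunk shows that the password has been verified before the `try {` block rewrites the stored hash; in the first hunk the same code sits under `if (same) {`, but here any such guard is outside the visible lines. If the check lives in the block closed by the `}` above, a short comment such as `// password already verified above (same === true)` would make that precondition explicit, because rehashing an unverified password would replace the stored credential. The two rehash blocks are also identical, so a private helper shared by both sign-in paths would keep the `'$2'` prefix check and the `argon2.hash` call in one place.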