Add support for password hashes as an optional alternative to plaintext passwords (#216)

This commit is contained in:
Marcus Wichelmann 2022-09-30 10:24:54 +02:00 committed by GitHub
parent 29b017f277
commit 2c2db61158
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
8 changed files with 67 additions and 10 deletions


@ -51,7 +51,18 @@ func Login(db store.IStore) echo.HandlerFunc {
}
userCorrect := subtle.ConstantTimeCompare([]byte(user.Username), []byte(dbuser.Username)) == 1
passwordCorrect := subtle.ConstantTimeCompare([]byte(user.Password), []byte(dbuser.Password)) == 1
var passwordCorrect bool
if dbuser.PasswordHash != "" {
match, err := util.VerifyHash(dbuser.PasswordHash, user.Password)
if err != nil {
return c.JSON(http.StatusInternalServerError, jsonHTTPResponse{false, "Cannot verify password"})
}
passwordCorrect = match
} else {
passwordCorrect = subtle.ConstantTimeCompare([]byte(user.Password), []byte(dbuser.Password)) == 1
}
if userCorrect && passwordCorrect {
// TODO: refresh the token
sess, _ := session.Get("session", c)