phoenix/icarus_auth
1
0
Fork 0
Code Issues 3 Pull Requests Actions Packages Projects Releases 46 Wiki Activity

Code cleanup
All checks were successful
Rust Build / Check (pull_request) Successful in 42s
Details
Rust Build / Test Suite (pull_request) Successful in 58s
Details
Rust Build / Rustfmt (pull_request) Successful in 26s
Details
Rust Build / Clippy (pull_request) Successful in 45s
Details
Rust Build / build (pull_request) Successful in 1m30s
Details

Browse Source
This commit is contained in:
phoenix
2025-04-07 13:56:26 -04:00
parent 6b7fa86f59
commit 785af4b4a3
2 changed files with 9 additions and 33 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
src/callers/login.rs
View File

@@ -45,11 +45,7 @@ pub mod endpoint {
// Check if user exists // Check if user exists
match repo::user::get(&pool, &payload.username).await { match repo::user::get(&pool, &payload.username).await {
Ok(user) => { Ok(user) => {
// let salt = repo::salt::get(&pool, &user.salt_id).await.unwrap(); if hashing::verify_password(&payload.password, user.password.clone()).unwrap() {
// let salt_str = hashing::get_salt(&salt.salt).unwrap();
let unhashed_password = payload.password;
if hashing::verify_password(&unhashed_password, user.password.clone()).unwrap() {
// Create token // Create token
let key = token_stuff::get_key().unwrap(); let key = token_stuff::get_key().unwrap();
let (token_literal, duration) = token_stuff::create_token(&key).unwrap(); let (token_literal, duration) = token_stuff::create_token(&key).unwrap();
@@ -74,17 +70,6 @@ pub mod endpoint {
} else { } else {
return not_found("Error Hashing").await; return not_found("Error Hashing").await;
} }
// Check if password is correct
/*
match hashing::hash_password(&unhashed_password, &salt_str) {
Ok(hash_password) => {
}
Err(err) => {
return not_found(&err.to_string()).await;
}
}
*/
} }
Err(err) => { Err(err) => {
return not_found(&err.to_string()).await; return not_found(&err.to_string()).await;

25
src/hashing/mod.rs
View File

@@ -11,8 +11,7 @@ use argon2::{
pub fn generate_salt() -> Result<SaltString, argon2::Error> { pub fn generate_salt() -> Result<SaltString, argon2::Error> {
// Generate a random salt // Generate a random salt
// SaltString::generate uses OsRng internally for cryptographic security // SaltString::generate uses OsRng internally for cryptographic security
let salt = SaltString::generate(&mut OsRng); Ok(SaltString::generate(&mut OsRng))
Ok(salt)
} }
pub fn get_salt(s: &str) -> Result<SaltString, argon2::password_hash::Error> { pub fn get_salt(s: &str) -> Result<SaltString, argon2::password_hash::Error> {
@@ -32,9 +31,7 @@ pub fn hash_password(
// Hash the password with the salt // Hash the password with the salt
// The output is a PasswordHash string format that includes algorithm, version, // The output is a PasswordHash string format that includes algorithm, version,
// parameters, salt, and the hash itself. // parameters, salt, and the hash itself.
let password_hash = argon2.hash_password(password_bytes, salt)?.to_string(); Ok(argon2.hash_password(password_bytes, salt)?.to_string())
Ok(password_hash)
} }
pub fn verify_password( pub fn verify_password(
@@ -48,11 +45,9 @@ pub fn verify_password(
let parsed_hash = argon2::PasswordHash::new(stored_hash.as_str())?; let parsed_hash = argon2::PasswordHash::new(stored_hash.as_str())?;
// Create an Argon2 instance (it will use the parameters from the parsed hash) // Create an Argon2 instance (it will use the parameters from the parsed hash)
let argon2 = Argon2::default();
// Verify the password against the parsed hash // Verify the password against the parsed hash
// This automatically uses the correct salt and parameters embedded in `parsed_hash` // This automatically uses the correct salt and parameters embedded in `parsed_hash`
match argon2.verify_password(password_bytes, &parsed_hash) { match Argon2::default().verify_password(password_bytes, &parsed_hash) {
Ok(()) => Ok(true), // Passwords match Ok(()) => Ok(true), // Passwords match
Err(argon2::password_hash::Error::Password) => Ok(false), // Passwords don't match Err(argon2::password_hash::Error::Password) => Ok(false), // Passwords don't match
Err(e) => Err(e), // Some other error occurred (e.g., invalid hash format) Err(e) => Err(e), // Some other error occurred (e.g., invalid hash format)
@@ -66,8 +61,7 @@ mod tests {
#[test] #[test]
fn test_hash_password() { fn test_hash_password() {
let some_password = String::from("somethingrandom"); let some_password = String::from("somethingrandom");
let salt = generate_salt().unwrap(); match hash_password(&some_password, &generate_salt().unwrap()) {
match hash_password(&some_password, &salt) {
Ok(p) => match verify_password(&some_password, p.clone()) { Ok(p) => match verify_password(&some_password, p.clone()) {
Ok(res) => { Ok(res) => {
assert_eq!(res, true); assert_eq!(res, true);
@@ -85,22 +79,19 @@ mod tests {
#[test] #[test]
fn test_wrong_password() { fn test_wrong_password() {
let some_password = String::from("somethingrandom"); let some_password = String::from("somethingrandom");
let salt = generate_salt().unwrap(); match hash_password(&some_password, &generate_salt().unwrap()) {
match hash_password(&some_password, &salt) {
Ok(p) => { Ok(p) => {
match verify_password(&some_password, p.clone()) { match verify_password(&some_password, p.clone()) {
Ok(res) => { Ok(res) => {
assert_eq!(res, true, "Passwords are not verified"); assert_eq!(res, true, "Passwords are not verified");
let wrong_password = String::from("Differentanotherlevel");
// wrong_password = some_password;
// let hashed_wrong_password = hash_password(&wrong_password, &salt).unwrap();
let result = verify_password(&wrong_password, p.clone()).unwrap();
assert_eq!(false, result, "Passwords should not match");
} }
Err(err) => { Err(err) => {
assert!(false, "Error: {:?}", err.to_string()); assert!(false, "Error: {:?}", err.to_string());
} }
} }
let wrong_password = String::from("Differentanotherlevel");
let result = verify_password(&wrong_password, p.clone()).unwrap();
assert_eq!(false, result, "Passwords should not match");
} }
Err(err) => { Err(err) => {
assert!(false, "Error: {:?}", err.to_string()); assert!(false, "Error: {:?}", err.to_string());