Store admin password more securely
parent
4e3d856128
commit
12f16fd1d9
|
@ -1,5 +1,5 @@
|
|||
use argon2::{
|
||||
password_hash::{PasswordHasher, SaltString},
|
||||
password_hash::{PasswordHash, PasswordHasher, PasswordVerifier, SaltString},
|
||||
Argon2,
|
||||
};
|
||||
|
||||
|
@ -7,19 +7,39 @@ use rocket::State;
|
|||
|
||||
use std::env;
|
||||
|
||||
pub fn check_password(password: &str, salt: &State<SaltString>, argon2: &State<Argon2>) -> bool {
|
||||
let entered_password = password.as_bytes(); // Get the user entered password
|
||||
let hashed_password = argon2 // Hash the password
|
||||
.hash_password(entered_password, &salt.as_ref())
|
||||
.unwrap()
|
||||
.to_string();
|
||||
let mut admin_password = env::var("ADMIN_PASSWD").unwrap(); // Get the provided admin password from the environment variable
|
||||
admin_password = argon2 // Hash the admin password
|
||||
.hash_password(admin_password.as_bytes(), &salt.as_ref())
|
||||
.unwrap()
|
||||
.to_string();
|
||||
pub fn admin_password_exists() -> bool {
|
||||
match env::var("ADMIN_PASSWORD") {
|
||||
Ok(_) => return true,
|
||||
Err(_) => return false,
|
||||
}
|
||||
}
|
||||
|
||||
if hashed_password == admin_password {
|
||||
pub fn set_admin_password(password: &str, salt: &State<SaltString>, argon2: &State<Argon2>) {
|
||||
let password_hash = argon2
|
||||
.hash_password(password.as_bytes(), &salt.as_ref())
|
||||
.unwrap()
|
||||
.to_string();
|
||||
env::set_var("ADMIN_PASSWORD", &password_hash);
|
||||
info!("{}", password_hash);
|
||||
}
|
||||
|
||||
pub fn check_password(password: &str, argon2: &State<Argon2>) -> bool {
|
||||
let entered_password = password.as_bytes(); // Get the user entered password
|
||||
let admin_password = match env::var("ADMIN_PASSWORD") {
|
||||
Ok(password) => password,
|
||||
Err(error) => {
|
||||
warn!("{:?}", error);
|
||||
return false;
|
||||
}
|
||||
}; // Get the provided admin password from the environment variable
|
||||
|
||||
if argon2
|
||||
.verify_password(
|
||||
entered_password,
|
||||
&PasswordHash::new(&admin_password).unwrap(),
|
||||
)
|
||||
.is_ok()
|
||||
{
|
||||
return true;
|
||||
} else {
|
||||
return false;
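Review bot: `info!("{}", password_hash);` in `set_admin_password` writes the admin password's Argon2 hash to the application log, so anyone who can read the logs gets material for offline guessing; log only the event instead, e.g. `info!("Admin password set");`. In `check_password`, `PasswordHash::new(&admin_password).unwrap()` panics when `ADMIN_PASSWORD` holds anything that is not a valid PHC string (for instance a value the operator placed in the environment, which `admin_password_exists` would accept as set); a failed parse should reject the login, `let Ok(parsed) = PasswordHash::new(&admin_password) else { return false; };`. Keeping the hash in the process environment through `env::set_var` also means it is inherited by child processes, is lost on restart, and is written from a multi-threaded server where `set_var` is not thread-safe, so managed state or a file with restricted permissions would be a better home. The end of `check_password` lies outside the hunk.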
|
||||
|
|
|
@ -46,7 +46,7 @@ impl Fairing for CORS {
|
|||
// Launch rocket
|
||||
#[launch]
|
||||
fn rocket() -> _ {
|
||||
let mut log = paris::Logger::new();
|
||||
let log = paris::Logger::new();
|
||||
//env_logger::init();
|
||||
info!("Starting up Rocket");
|
||||
|
||||
|
@ -61,6 +61,7 @@ fn rocket() -> _ {
|
|||
.mount(
|
||||
"/",
|
||||
routes![
|
||||
set_password,
|
||||
new_order,
|
||||
update_order,
|
||||
order_info,
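Review bot: The newly mounted `set_password` route needs a guard whose presence cannot be confirmed from this page, because the handler itself is not among the lines shown. If it does not already do so, it should refuse the request when `admin_password_exists()` returns true (or require the current password) before calling `set_admin_password`; otherwise any client that reaches the route could replace the admin credential. The `routes![` list continues outside the hunk.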
|
||||
|
|