github/umami
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

Change to synchronous password hashing.

Browse Source
This commit is contained in:
Mike Cao
2021-05-23 17:29:27 -07:00
parent 756beb2cf5
commit b2d04c00ac
5 changed files with 12 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
pages/api/account/index.js
View File

@@ -18,7 +18,7 @@ export default async (req, res) => {
const data = {};
if (password) {
data.password = await hashPassword(password);
data.password = hashPassword(password);
}
// Only admin can change these fields
@@ -51,7 +51,7 @@ export default async (req, res) => {
return badRequest(res, 'Account already exists');
}
const created = await createAccount({ username, password: await hashPassword(password) });
const created = await createAccount({ username, password: hashPassword(password) });
return ok(res, created);
}

4
pages/api/account/password.js
View File

@@ -15,13 +15,13 @@ export default async (req, res) => {
if (req.method === 'POST') {
const account = await getAccountById(user_id);
const valid = await checkPassword(current_password, account.password);
const valid = checkPassword(current_password, account.password);
if (!valid) {
return badRequest(res, 'Current password is incorrect');
}
const password = await hashPassword(new_password);
const password = hashPassword(new_password);
const updated = await updateAccount(user_id, { password });