Skip to content

Commit

Permalink
feat(server): Implement blake3 password hashing
Browse files Browse the repository at this point in the history
  • Loading branch information
@mxxntype
mxxntype committed May 22, 2024
1 parent 561fec5 commit 15bec45
Show file tree
Hide file tree
Showing 3 changed files with 42 additions and 2 deletions.
32 changes: 32 additions & 0 deletions Cargo.lock
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

1 change: 1 addition & 0 deletions server/Cargo.toml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,7 @@ path = "src/main.rs"
path = "src/lib.rs"

[dependencies]
blake3 = "1.5.1"
color-eyre = "0.6.3"
diesel = { version = "2.1.6", features = ["postgres", "uuid", "r2d2"] }
futures = "0.3.30"
Expand Down
11 changes: 9 additions & 2 deletions server/src/services/registry.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -41,7 +41,7 @@ impl proto::registry_server::Registry for Registry {
use diesel::query_dsl::methods::{FilterDsl, SelectDsl};
use diesel::{ExpressionMethods, OptionalExtension, RunQueryDsl, SelectableHelper};

let credentials = request.into_inner();
let mut credentials = request.into_inner();
let duplicate_user = users
.filter(username.eq(&credentials.username))
.select(User::as_select())
Expand All @@ -52,6 +52,9 @@ impl proto::registry_server::Registry for Registry {
match duplicate_user {
// No duplicate usernames found, registering a new account.
None => {
// Hash the password using Blake3.
credentials.password = blake3::hash(credentials.password.as_bytes()).to_string();

let mut rng = self.rng.lock().await;
let user = User::new(credentials.username.clone(), credentials.password, &mut rng);
let _ = diesel::insert_into(users)
Expand Down Expand Up @@ -86,7 +89,11 @@ impl proto::registry_server::Registry for Registry {
use diesel::query_dsl::methods::{FilterDsl, SelectDsl};
use diesel::{ExpressionMethods, OptionalExtension, RunQueryDsl, SelectableHelper};

let credentials = request.into_inner();
let mut credentials = request.into_inner();

// Hash the password using Blake3.
credentials.password = blake3::hash(credentials.password.as_bytes()).to_string();

let candidate_user = users
.filter(username.eq(&credentials.username))
.filter(password.eq(&credentials.password))
Expand Down

0 comments on commit 15bec45

Please sign in to comment.