probably make User::create hash the password before putting it in the database idk i havent tested it yet

2024-01-30 09:39:02 -08:00 · 2024-01-30 09:39:02 -08:00 · 2dc38be1e1
parent d01ee9ae73
commit 2dc38be1e1
4 changed files with 17 additions and 2 deletions
--- a/Cargo.lock
+++ b/Cargo.lock
@ -519,6 +519,7 @@ version = "0.1.0"
 dependencies = [
 "rocket",
 "rocket_db_pools",
+ "sha256",
 "sqlx",
 ]

@ -1696,6 +1697,19 @@ dependencies = [
 "digest",
 ]

+[[package]]
+name = "sha256"
+version = "1.5.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "18278f6a914fa3070aa316493f7d2ddfb9ac86ebc06fa3b83bffda487e9065b0"
+dependencies = [
+ "async-trait",
+ "bytes",
+ "hex",
+ "sha2",
+ "tokio",
+]
+
 [[package]]
 name = "sharded-slab"
 version = "0.1.7"
--- a/Cargo.toml
+++ b/Cargo.toml
@ -8,5 +8,6 @@ edition = "2021"
 [dependencies]
 rocket = {version="0.5.0",features=["secrets","json"]}
 rocket_db_pools = {version="0.1.0",features=["sqlx_postgres"]}
+sha256 = "1.5.0"
 sqlx = { version = "0.7.3", features = ["macros", "postgres"] }
 # rocket_sync_db_pools = { version = "0.1.0", features = ["diesel_postgres_pool", "diesel"] }
--- a/src/main.rs
+++ b/src/main.rs
@ -160,7 +160,7 @@ async fn main() {
        .attach(AdHoc::on_ignite("DB Migrations", migrate))
        .mount(
            "/",
-            routes![hello, get_book, delay, login, logout, dbtest, dbcreate],
+            routes![hello, get_book, delay, login, logout, dbtest, dbcreate, createuser],
        )
        .register("/", catchers![default_catcher])
        .mount("/login", FileServer::from("/srv/web"))
--- a/src/tables.rs
+++ b/src/tables.rs
@ -72,7 +72,7 @@ impl User {
        "#,
                )
                .bind(username)
-                .bind(password),
+                .bind(sha256::digest(password)),
            )
            .await
        {