shaytan/rustdesk-api
1
0
Fork 0
mirror of https://github.com/lejianwen/rustdesk-api.git synced 2025-12-03 10:33:18 +00:00
Code Issues Packages Projects Releases Wiki Activity

feat(password): Password hashing with bcrypt (#290)

Browse Source 
* feat(password): add configurable password hashing with md5 and bcrypt

* docs: add password hashing algorithm configuration (bcrypt/md5)

* feat(password): better bcrypt fallback and minor refactoring

* feat(password): handle errors in password encryption and verification

* feat(password): remove password hashing algorithm configuration
This commit is contained in:
Plynksiy Nikita
2025-06-24 12:23:36 +03:00
committed by GitHub
parent aa04b225b9
commit 9d2b589faa
6 changed files with 116 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

32
service/user.go
View File

@@ -55,7 +55,18 @@ func (us *UserService) InfoByUsernamePassword(username, password string) *model.
Logger.Warn("Fallback to local database")
}
u := &model.User{}
DB.Where("username = ? and password = ?", username, us.EncryptPassword(password)).First(u)
DB.Where("username = ?", username).First(u)
if u.Id == 0 {
return u
}
ok, newHash, err := utils.VerifyPassword(u.Password, password)
if err != nil || !ok {
return &model.User{}
}
if newHash != "" {
DB.Model(u).Update("password", newHash)
u.Password = newHash
}
return u
}
@@ -151,11 +162,6 @@ func (us *UserService) ListIdAndNameByGroupId(groupId uint) (res []*model.User)
return res
}
// EncryptPassword 加密密码
func (us *UserService) EncryptPassword(password string) string {
return utils.Md5(password + "rustdesk-api")
}
// CheckUserEnable 判断用户是否禁用
func (us *UserService) CheckUserEnable(u *model.User) bool {
return u.Status == model.COMMON_STATUS_ENABLE
@@ -168,7 +174,11 @@ func (us *UserService) Create(u *model.User) error {
return errors.New("UsernameExists")
}
u.Username = us.formatUsername(u.Username)
u.Password = us.EncryptPassword(u.Password)
var err error
u.Password, err = utils.EncryptPassword(u.Password)
if err != nil {
return err
}
res := DB.Create(u).Error
return res
}
@@ -268,8 +278,12 @@ func (us *UserService) FlushTokenByUuids(uuids []string) error {
// UpdatePassword 更新密码
func (us *UserService) UpdatePassword(u *model.User, password string) error {
u.Password = us.EncryptPassword(password)
err := DB.Model(u).Update("password", u.Password).Error
var err error
u.Password, err = utils.EncryptPassword(password)
if err != nil {
return err
}
err = DB.Model(u).Update("password", u.Password).Error
if err != nil {
return err
}