feat: use bcrypt with salts instead of md5 for hashing password (resolve #21)

2023-08-10 21:12:56 +03:00 · 2020-05-25 21:42:45 +02:00
parent 625994d1e9
commit 08675bd99f
9 changed files with 30 additions and 22 deletions
--- a/models/config.go
+++ b/models/config.go
@@ -30,6 +30,7 @@ type Config struct {
 	CleanUp              bool
 	DefaultUserName      string
 	DefaultUserPassword  string
+	PasswordSalt         string
 	SecureCookieHashKey  string
 	SecureCookieBlockKey string
 	CustomLanguages      map[string]string
@@ -86,6 +87,7 @@ func readConfig() *Config {
 	dbHost := LookupFatal("WAKAPI_DB_HOST")
 	dbName := LookupFatal("WAKAPI_DB_NAME")
 	dbPortStr := LookupFatal("WAKAPI_DB_PORT")
+	passwordSalt := LookupFatal("WAKAPI_PASSWORD_SALT")
 	defaultUserName := LookupFatal("WAKAPI_DEFAULT_USER_NAME")
 	defaultUserPassword := LookupFatal("WAKAPI_DEFAULT_USER_PASSWORD")
 	dbPort, err := strconv.Atoi(dbPortStr)
@@ -162,6 +164,7 @@ func readConfig() *Config {
 		DbMaxConn:           dbMaxConn,
 		CleanUp:             cleanUp,
 		SecureCookie:        secureCookie,
+		PasswordSalt:        passwordSalt,
 		DefaultUserName:     defaultUserName,
 		DefaultUserPassword: defaultUserPassword,
 		CustomLanguages:     customLangs,