From 70197bb2a514cd8dfc1115233c94b385aed9afa7 Mon Sep 17 00:00:00 2001 From: Joe Previte Date: Wed, 2 Jun 2021 12:47:22 -0700 Subject: [PATCH] refactor: use argon2 instead of bcrypt This uses argon2 instead of bcrypt. Note: this means the hash functions are now async which means we have to refactor a lot of other code around auth. --- src/node/util.ts | 21 ++++++++++++++++----- 1 file changed, 16 insertions(+), 5 deletions(-) diff --git a/src/node/util.ts b/src/node/util.ts index 495c3389..e3039d89 100644 --- a/src/node/util.ts +++ b/src/node/util.ts @@ -1,6 +1,6 @@ import * as cp from "child_process" import * as crypto from "crypto" -import * as bcrypt from "bcrypt" +import * as argon2 from "argon2" import envPaths from "env-paths" import { promises as fs } from "fs" import * as net from "net" @@ -9,6 +9,7 @@ import * as path from "path" import * as util from "util" import xdgBasedir from "xdg-basedir" import safeCompare from "safe-compare" +import { logger } from "@coder/logger" export interface Paths { data: string @@ -120,15 +121,25 @@ export const generatePassword = async (length = 24): Promise => { /** * Used to hash the password. */ -export const hash = (password: string): string => { - return bcrypt.hashSync(password, 10) +export const hash = async (password: string): Promise => { + try { + return await argon2.hash(password) + } catch (error) { + logger.error(error) + return "" + } } /** * Used to verify if the password matches the hash */ -export const isHashMatch = (password: string, hash: string) => { - return bcrypt.compareSync(password, hash) +export const isHashMatch = async (password: string, hash: string) => { + try { + return await argon2.verify(hash, password) + } catch (error) { + logger.error(error) + return false + } } /**