innohub/tatort
7
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

remove jssha and add bcrypt for password hashing with salt

Browse Source
This commit is contained in:
Chi Cong Tran
2025-08-21 10:52:29 +02:00
parent 723ec0773d
commit ec15095da3
6 changed files with 48 additions and 21 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
src/init/init_db.ts
View File

@@ -1,5 +1,5 @@
import Database from 'better-sqlite3';
import jsSHA from 'jssha';
import bcrypt from 'bcrypt';
const db = new Database('./src/lib/data/tatort.db');
@@ -11,7 +11,8 @@ db.exec(createSQLStmt);
// check if there are any users; if not add one default admin one
const userPassword = 'A-InnoHUB_2025!';
const hashedUserPassword = new jsSHA('SHA-512', 'TEXT').update(userPassword).getHash('HEX');
const saltRounds = 12;
const hashedUserPassword = bcrypt.hashSync(userPassword, saltRounds);
const checkInsertSQLStmt = `INSERT INTO users (name, pw) SELECT 'admin', '${hashedUserPassword}'
WHERE NOT EXISTS (SELECT * FROM users);`;