Skip to content

Commit a24d82a

Browse files
committed
refactor: use argon2 instead of bcrypt
This uses argon2 instead of bcrypt. Note: this means the hash functions are now async which means we have to refactor a lot of other code around auth.
1 parent ff23227 commit a24d82a

File tree

1 file changed

+16
-5
lines changed

1 file changed

+16
-5
lines changed

src/node/util.ts

Lines changed: 16 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
import * as cp from "child_process"
22
import * as crypto from "crypto"
3-
import * as bcrypt from "bcrypt"
3+
import * as argon2 from "argon2"
44
import envPaths from "env-paths"
55
import { promises as fs } from "fs"
66
import * as net from "net"
@@ -9,6 +9,7 @@ import * as path from "path"
99
import * as util from "util"
1010
import xdgBasedir from "xdg-basedir"
1111
import safeCompare from "safe-compare"
12+
import { logger } from "@coder/logger"
1213

1314
export interface Paths {
1415
data: string
@@ -120,15 +121,25 @@ export const generatePassword = async (length = 24): Promise<string> => {
120121
/**
121122
* Used to hash the password.
122123
*/
123-
export const hash = (password: string): string => {
124-
return bcrypt.hashSync(password, 10)
124+
export const hash = async (password: string): Promise<string> => {
125+
try {
126+
return await argon2.hash(password)
127+
} catch (error) {
128+
logger.error(error)
129+
return ""
130+
}
125131
}
126132

127133
/**
128134
* Used to verify if the password matches the hash
129135
*/
130-
export const isHashMatch = (password: string, hash: string) => {
131-
return bcrypt.compareSync(password, hash)
136+
export const isHashMatch = async (password: string, hash: string) => {
137+
try {
138+
return await argon2.verify(hash, password)
139+
} catch (error) {
140+
logger.error(error)
141+
return false
142+
}
132143
}
133144

134145
/**

0 commit comments

Comments
 (0)