Change to synchronous password hashing.

deeftah · May 24, 2021 · b2d04c0 · b2d04c0
1 parent 756beb2
commit b2d04c0
Show file tree

Hide file tree

Showing 5 changed files with 12 additions and 12 deletions.
diff --git a/lib/crypto.js b/lib/crypto.js
@@ -39,11 +39,11 @@ export function getRandomChars(n) {
   return s;
 }
 
-export async function hashPassword(password) {
+export function hashPassword(password) {
   return bcrypt.hashSync(password, SALT_ROUNDS);
 }
 
-export async function checkPassword(password, hash) {
+export function checkPassword(password, hash) {
   return bcrypt.compareSync(password, hash);
 }
 

diff --git a/pages/api/account/index.js b/pages/api/account/index.js
@@ -18,7 +18,7 @@ export default async (req, res) => {
         const data = {};
 
         if (password) {
-          data.password = await hashPassword(password);
+          data.password = hashPassword(password);
         }
 
         // Only admin can change these fields
@@ -51,7 +51,7 @@ export default async (req, res) => {
         return badRequest(res, 'Account already exists');
       }
 
-      const created = await createAccount({ username, password: await hashPassword(password) });
+      const created = await createAccount({ username, password: hashPassword(password) });
 
       return ok(res, created);
     }

diff --git a/pages/api/account/password.js b/pages/api/account/password.js
@@ -15,13 +15,13 @@ export default async (req, res) => {
 
   if (req.method === 'POST') {
     const account = await getAccountById(user_id);
-    const valid = await checkPassword(current_password, account.password);
+    const valid = checkPassword(current_password, account.password);
 
     if (!valid) {
       return badRequest(res, 'Current password is incorrect');
     }
 
-    const password = await hashPassword(new_password);
+    const password = hashPassword(new_password);
 
     const updated = await updateAccount(user_id, { password });
 

diff --git a/prisma/seed.js b/prisma/seed.js
@@ -1,14 +1,14 @@
-const bcrypt = require('bcrypt');
+const bcrypt = require('bcryptjs');
 const { PrismaClient } = require('@prisma/client');
 const prisma = new PrismaClient();
 const SALT_ROUNDS = 10;
 
 const hashPassword = password => {
-  return bcrypt.hash(password, SALT_ROUNDS);
+  return bcrypt.hashSync(password, SALT_ROUNDS);
 };
 
 async function main() {
-  const password = await hashPassword(process.env.ADMIN_PASSWORD || 'umami');
+  const password = hashPassword(process.env.ADMIN_PASSWORD || 'umami');
   await prisma.account.upsert({
     where: { username: 'admin' },
     update: {},

diff --git a/scripts/change-password.js b/scripts/change-password.js
@@ -1,5 +1,5 @@
 require('dotenv').config();
-const bcrypt = require('bcrypt');
+const bcrypt = require('bcryptjs');
 const chalk = require('chalk');
 const prompts = require('prompts');
 const { PrismaClient } = require('@prisma/client');
@@ -25,11 +25,11 @@ const updateAccountByUsername = (username, data) => {
 };
 
 const hashPassword = password => {
-  return bcrypt.hash(password, SALT_ROUNDS);
+  return bcrypt.hashSync(password, SALT_ROUNDS);
 };
 
 const changePassword = async (username, newPassword) => {
-  const password = await hashPassword(newPassword);
+  const password = hashPassword(newPassword);
   return updateAccountByUsername(username, { password });
 };