absc
/
dudeswave2
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Use crypto:rand_seed(). 

It's cryptographically strong and set a better state for the
pseudo-random number generator.
main
absc 2024-07-27 13:16:05 +02:00
parent ab3ca1ec64
commit e571a69820
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
dudeswave/src/dudeswave_user_handler.erl
View File

@ -69,6 +69,7 @@ is_conflict(Req, user_exists) -> {true, Req, []};
is_conflict(Req, State) -> {false, Req, State}. is_conflict(Req, State) -> {false, Req, State}.
create_user(Req, {Bucket, [{name, Name}, {username, User}, {password, Pass}]}) -> create_user(Req, {Bucket, [{name, Name}, {username, User}, {password, Pass}]}) ->
crypto:rand_seed(),
Salt = rand:bytes(32), Salt = rand:bytes(32),
Hash = crypto:hash(sha256, <<Pass/binary, Salt/binary>>), Hash = crypto:hash(sha256, <<Pass/binary, Salt/binary>>),