Use crypto:rand_seed().

It's cryptographically strong and set a better state for the
pseudo-random number generator.
main
absc 2024-07-27 13:16:05 +02:00
parent ab3ca1ec64
commit e571a69820
1 changed files with 2 additions and 1 deletions

View File

@ -45,7 +45,7 @@ allowed_methods(Req, State) ->
{[<<"PUT">>], Req, State}. {[<<"PUT">>], Req, State}.
content_types_accepted(Req, State) -> content_types_accepted(Req, State) ->
{[{{ <<"application">>, <<"json">>, '*'}, create_user}], Req, State}. {[{{ <<"application">>, <<"json">>, '*'}, create_user}], Req, State}.
known_methods(Req, State) -> known_methods(Req, State) ->
{[<<"PUT">>], Req, State}. {[<<"PUT">>], Req, State}.
@ -69,6 +69,7 @@ is_conflict(Req, user_exists) -> {true, Req, []};
is_conflict(Req, State) -> {false, Req, State}. is_conflict(Req, State) -> {false, Req, State}.
create_user(Req, {Bucket, [{name, Name}, {username, User}, {password, Pass}]}) -> create_user(Req, {Bucket, [{name, Name}, {username, User}, {password, Pass}]}) ->
crypto:rand_seed(),
Salt = rand:bytes(32), Salt = rand:bytes(32),
Hash = crypto:hash(sha256, <<Pass/binary, Salt/binary>>), Hash = crypto:hash(sha256, <<Pass/binary, Salt/binary>>),