Compare commits

...

2 Commits

Author SHA1 Message Date
absc ab3ca1ec64 No need to use an additional variable just to compose the salted pass. 2024-07-27 12:38:30 +02:00
absc 80af46c6be Just use the classic POST form.
JSON doesn't make any sense in this case.
2024-07-27 12:36:14 +02:00
1 changed files with 5 additions and 9 deletions

View File

@ -13,7 +13,7 @@
% ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
% OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
%
-module(dudeswave_register_handler).
-module(dudeswave_user_handler).
-moduledoc """
Register a new user.
""".
@ -53,17 +53,14 @@ known_methods(Req, State) ->
resource_exists(Req, State) ->
{ok, Bucket} = maps:find(bucket, State),
case cowboy:read_body(Req, #{period => 5000, length => 8192}) of
{ok, Body, NewReq} ->
#{<<"name">> := Name, <<"password">> := Pass,
<<"user">> := User} = json:decode(Body),
case cowboy:read_urlencoded_body(Req) of
{ok, [{name, Name}, {username, User}, {password, Password}], NewReq} ->
case storage:read(Bucket, User) of
{ok, [_R]} ->
{true, NewReq, user_exists};
{ok, []} ->
{false, NewReq, {Bucket, [{name, Name},
{username, User},{password, Pass}]}}
{username, User},{password, Password}]}}
end
end.
@ -73,8 +70,7 @@ is_conflict(Req, State) -> {false, Req, State}.
create_user(Req, {Bucket, [{name, Name}, {username, User}, {password, Pass}]}) ->
Salt = rand:bytes(32),
SaltedPW = <<Pass/binary, Salt/binary>>,
Hash = crypto:hash(sha256, SaltedPW),
Hash = crypto:hash(sha256, <<Pass/binary, Salt/binary>>),
case storage:write(Bucket, User, Hash, [{salt, Salt}, {name, Name}]) of
ok ->