author | William Carroll <wpcarro@gmail.com> | 2020-07-28T17·48+0100 |
---|---|---|
committer | William Carroll <wpcarro@gmail.com> | 2020-07-28T17·48+0100 |
commit | f051b0be0bc360c949b3b1913f13c4856ae317ca (patch) | |
tree | 0c01f2c7d62625fc710d965fdc430777c9d52442 /src/Types.hs | |
parent | 90a521c78f036e024454df39c3e3cd1180c90a74 (diff) |
Check passwords in /login
TL;DR:
- Since POST /login is more rigorous, our accounts.csv needs to contain validly hashed passwords; you can use tests/create-accounts.sh to create dummy accounts

I still need to test the login flow and support:
- Tracking failed attempts (three maximum)
- Verifying accounts by sending emails to the users
Diffstat (limited to 'src/Types.hs')
-rw-r--r-- | src/Types.hs | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/src/Types.hs b/src/Types.hs index 96cfae2c28cf..25f7d8996a36 100644 --- a/src/Types.hs +++ b/src/Types.hs @@ -320,6 +320,11 @@ hashPassword (ClearTextPassword x) = do hashed <- BC.hashPassword 12 (x |> unpack |> B.pack) pure $ HashedPassword hashed +-- | Return True if the cleartext password matches the hashed password. +passwordsMatch :: ClearTextPassword -> HashedPassword -> Bool +passwordsMatch (ClearTextPassword clear) (HashedPassword hashed) = + BC.validatePassword (clear |> unpack |> B.pack) hashed + data CreateAccountRequest = CreateAccountRequest { createAccountRequestUsername :: Username , createAccountRequestPassword :: ClearTextPassword |
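Review bot: The doc comment on `passwordsMatch` covers only the matching case and does not say what the function returns when the stored `HashedPassword` is not a well-formed hash, which is relevant because the commit message notes that accounts.csv must now contain validly hashed passwords. Consider documenting that case, or surfacing it at the call site, so a corrupt row in the CSV can be told apart from a wrong password when debugging /login. Separately, the conversion `clear |> unpack |> B.pack` repeats the one in `hashPassword` in the context lines just above; moving it into a single helper would keep hashing and validation from drifting apart on how the cleartext is encoded to bytes.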