refact(auth): change pwd encrypt method

This commit is contained in:
oiov
2025-06-17 20:38:20 +08:00
parent 7c77234026
commit f4a3386c7d
5 changed files with 30 additions and 8 deletions
+4 -2
View File
@@ -2,9 +2,11 @@
import { revalidatePath } from "next/cache";
import { auth } from "@/auth";
import { hash } from "bcrypt";
// import { hash } from "crypt";
import { prisma } from "@/lib/db";
import { hashPassword } from "@/lib/utils";
import { userPasswordSchema } from "@/lib/validations/user";
export type FormData = {
@@ -26,7 +28,7 @@ export async function updateUserPassword(userId: string, data: FormData) {
id: userId,
},
data: {
password: await hash(password, 10),
password: hashPassword(password),
},
});
+3 -4
View File
@@ -1,7 +1,7 @@
import { NextRequest } from "next/server";
import { compare, hash } from "bcrypt";
import { prisma } from "@/lib/db";
import { hashPassword, verifyPassword } from "@/lib/utils";
export async function POST(req: NextRequest) {
try {
@@ -21,7 +21,7 @@ export async function POST(req: NextRequest) {
data: {
name: "",
email,
password: await hash(password, 10),
password: hashPassword(password),
active: 1,
role: "USER",
team: "free",
@@ -31,8 +31,7 @@ export async function POST(req: NextRequest) {
});
return Response.json(newUser, { status: 200 });
} else {
const passwordCorrect = await compare(password, user.password || "");
const passwordCorrect = verifyPassword(password, user.password || "");
if (passwordCorrect) {
return Response.json(user, { status: 200 });
}
+21
View File
@@ -376,3 +376,24 @@ export function extractHost(url: string): string {
const match = url.match(regex);
return match ? match[1] : "";
}
export function hashPassword(password: string): string {
const salt = crypto.randomBytes(16).toString("hex");
const hash = crypto.scryptSync(password, salt, 64).toString("hex");
return `${salt}:${hash}`;
}
/**
* 验证密码
* @param password 用户输入的密码
* @param storedPassword 数据库中存储的加密密码
* @returns 是否匹配
*/
export function verifyPassword(
password: string,
storedPassword: string,
): boolean {
const [salt, hash] = storedPassword.split(":");
const hashToVerify = crypto.scryptSync(password, salt, 64).toString("hex");
return hash === hashToVerify;
}
@@ -31,7 +31,7 @@ VALUES
'cmadvu9w874j2sczhg174pftq',
'admin',
'admin@admin.com',
'$2b$10$FQIPnvwTQ2dwL2F3SIiKDOf.qTvMcwfc0KsbqHQBWflpFT2o8Uwji',
'c0025ebe2edf525367e859821ccac33a:95992aad7ca8dc7c51855859f7adaa6282b09439b3e138fde22aeeaa6864af0f43fdd297cc7409b24a011300c038ff4d7585f89019e7629120123ec947f62b15',
1,
'ADMIN',
'free'
+1 -1
View File
File diff suppressed because one or more lines are too long