Remove salt from bcrypt password, because it's useless

author: Steven Le Rouzic <steven.lerouzic@gmail.com> 2024-04-23 18:30:19 +0200
committer: Steven Le Rouzic <steven.lerouzic@gmail.com> 2024-04-23 18:30:19 +0200
commit: df3068728abacfc98fa19f3dba62b35f65aea731 (patch)
tree: 689aecde69e462cc3ea33caf8ec1cbaccc7bd11a /database.go
parent: baad75737135eced6f33fecc1c4104f70719c0ce (diff)
1 files changed, 2 insertions, 8 deletions
diff --git a/database.go b/database.go
index 583974f..c53b828 100644
--- a/database.go
+++ b/database.go
@@ -7,7 +7,6 @@ import (
 	"golang.org/x/crypto/bcrypt"
 
 	"stevenlr.com/timer/model"
-	"stevenlr.com/timer/utils"
 )
 
 func initializeDatabaseV1(db *sql.DB) error {
@@ -40,7 +39,6 @@ func initializeDatabaseV1(db *sql.DB) error {
 		CREATE TABLE User (
 			Id			BLOB	NOT NULL UNIQUE,
 			Name		TEXT	NOT NULL,
-			Salt		TEXT	NOT NULL,
 			Password	BLOB	NOT NULL,
 			PRIMARY KEY (id)
 		)`)
@@ -50,17 +48,13 @@ func initializeDatabaseV1(db *sql.DB) error {
 
 	userName := "admin"
 	userPassword := "admin"
-	salt, err := utils.GenerateRandomString(33)
-	if err != nil {
-		return err
-	}
 
-	password, err := bcrypt.GenerateFromPassword([]byte(salt+userPassword), bcrypt.MinCost)
+	password, err := bcrypt.GenerateFromPassword([]byte(userPassword), bcrypt.MinCost)
 	if err != nil {
 		return err
 	}
 
-	_, err = tx.Exec(`INSERT INTO User VALUES ($1, $2, $3, $4)`, model.MakeUUID(), userName, salt, password)
+	_, err = tx.Exec(`INSERT INTO User VALUES ($1, $2, $3)`, model.MakeUUID(), userName, password)
 	if err != nil {
 		return err
 	}
author	Steven Le Rouzic <steven.lerouzic@gmail.com>	2024-04-23 18:30:19 +0200
committer	Steven Le Rouzic <steven.lerouzic@gmail.com>	2024-04-23 18:30:19 +0200
commit	df3068728abacfc98fa19f3dba62b35f65aea731 (patch)
tree	689aecde69e462cc3ea33caf8ec1cbaccc7bd11a /database.go
parent	baad75737135eced6f33fecc1c4104f70719c0ce (diff)