Remove salt from bcrypt password, because it's useless

author: Steven Le Rouzic <steven.lerouzic@gmail.com> 2024-04-23 18:30:19 +0200
committer: Steven Le Rouzic <steven.lerouzic@gmail.com> 2024-04-23 18:30:19 +0200
commit: df3068728abacfc98fa19f3dba62b35f65aea731 (patch)
tree: 689aecde69e462cc3ea33caf8ec1cbaccc7bd11a /timer.go
parent: baad75737135eced6f33fecc1c4104f70719c0ce (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/timer.go b/timer.go
index 7d5f320..4b29726 100644
--- a/timer.go
+++ b/timer.go
@@ -269,7 +269,7 @@ func (server *TimerServer) handlePostLogin(w http.ResponseWriter, r *http.Reques
 		return
 	}
 
-	err := bcrypt.CompareHashAndPassword(user.Password, []byte(user.Salt+userPass))
+	err := bcrypt.CompareHashAndPassword(user.Password, []byte(userPass))
 	if err != nil {
 		w.WriteHeader(http.StatusBadRequest)
 		view.LoginFormError(nil, "Incorrect credentials").Render(context.Background(), w)
author	Steven Le Rouzic <steven.lerouzic@gmail.com>	2024-04-23 18:30:19 +0200
committer	Steven Le Rouzic <steven.lerouzic@gmail.com>	2024-04-23 18:30:19 +0200
commit	df3068728abacfc98fa19f3dba62b35f65aea731 (patch)
tree	689aecde69e462cc3ea33caf8ec1cbaccc7bd11a /timer.go
parent	baad75737135eced6f33fecc1c4104f70719c0ce (diff)