diff options
author | Jeffrey Armstrong <jeff@approximatrix.com> | 2022-04-29 11:13:13 -0400 |
---|---|---|
committer | Jeffrey Armstrong <jeff@approximatrix.com> | 2022-04-29 11:13:13 -0400 |
commit | 8c401f9748069eb052f5ac4f2eee1761b1f67afd (patch) | |
tree | 71c4cc2a585460b791a672a3a53b8e51e7b3e598 /captain/db.f90 | |
parent | b558fd94527e6a3f359c3ca766eeabaf0c7a8a57 (diff) | |
download | levitating-8c401f9748069eb052f5ac4f2eee1761b1f67afd.tar.gz levitating-8c401f9748069eb052f5ac4f2eee1761b1f67afd.zip |
Fixed login to use the proper password checking function.
Diffstat (limited to 'captain/db.f90')
-rw-r--r-- | captain/db.f90 | 20 |
1 files changed, 8 insertions, 12 deletions
diff --git a/captain/db.f90 b/captain/db.f90 index 7500b8a..29c5810 100644 --- a/captain/db.f90 +++ b/captain/db.f90 @@ -1477,27 +1477,23 @@ contains function validate_user_db(username, password) use config, only: app_salt - use m_crypt, only: hash + use m_crypt, only: verify_hash + use logging implicit none character(len=*), intent(in)::username, password logical::validate_user_db - character(len=:), pointer::hashed_pass, db_hashed_pass + character(len=:), pointer::db_hashed_pass validate_user_db = .FALSE. + + db_hashed_pass => get_password_hash_pointer_db(username) + if(associated(db_hashed_pass)) then - hashed_pass => hash(trim(password)//trim(app_salt)) - if(associated(hashed_pass)) then - db_hashed_pass => get_password_hash_pointer_db(username) - if(associated(db_hashed_pass)) then + validate_user_db = verify_hash(trim(password)//trim(app_salt), db_hashed_pass) - validate_user_db = (hashed_pass == db_hashed_pass) - - deallocate(db_hashed_pass) - end if - - deallocate(hashed_pass) + deallocate(db_hashed_pass) end if end function validate_user_db |