début hashage

package.json

@@ -7,6 +7,7 @@
     "start": "tsx src/server.ts"
   },
   "devDependencies": {
+    "@types/bcryptjs": "^2.4.6",
     "@types/bun": "^1.0.4",
     "tsx": "^4.7.0",
     "typescript": "^5.3.3"
@@ -19,6 +20,7 @@
     "@fastify/websocket": "^10.0.1",
     "@sinclair/typebox": "^0.32.9",
     "dprint": "^0.46.1",
+    "bcryptjs": "^2.4.3",
     "fastify": "^4.27.0",
     "nanoid": "^5.0.4",
     "sqlite3": "^5.1.7",

src/bcrypt.ts

@@ -0,0 +1,18 @@
+import * as bcrypt from "bcryptjs";
+
+const saltRounds = 10; // Le nombre de tours de salage
+
+/* Fonction pour hasher le mot de passe */
+export async function hashPassword(password: string): Promise<string> {
+  const hashedPassword = await bcrypt.hash(password, saltRounds);
+  return hashedPassword;
+}
+
+/* Fonction pour vérifier le mot de passe */
+export async function comparePassword(
+  plainPassword: string,
+  hashedPassword: string
+): Promise<boolean> {
+  const isMatch = await bcrypt.compare(plainPassword, hashedPassword);
+  return isMatch;
+}

src/server.ts

@@ -8,6 +8,7 @@ import { nanoid } from "nanoid";
 import { allocateBuffer, getRunner } from "runner";
 import { Pull, Push } from "zeromq";
 import * as db from "./database";
+import { hashPassword } from "bcrypt";
 
 const sender = new Push();
 await sender.bind(`tcp://127.0.0.1:5557`);
@@ -179,7 +180,9 @@ fastify.post(
   },
   async (request, reply) => {
     const { login, password, permissions } = request.body;
-    if (!(await db.insertUser(database, login, password, permissions))) {
+    // Hasher le mot de passe avant de l'insérer dans la base de données (en type string)
+    const hashedPassword = (await hashPassword(password)) as string;
+    if (!(await db.insertUser(database, login, hashedPassword, permissions))) {
       reply.send({ success: false });
     } else {
       reply.send({ success: true });