add hash

package.json

@@ -4,11 +4,13 @@
   "type": "module",
   "scripts": {
     "build": "tsc",
-    "start": "tsx src/server.ts"
+    "start": "tsx src/server.ts",
+    "fmt": "dprint fmt"
   },
   "devDependencies": {
     "@types/bcryptjs": "^2.4.6",
     "@types/bun": "^1.0.4",
+    "dprint": "^0.46.2",
     "tsx": "^4.7.0",
     "typescript": "^5.3.3"
   },
@@ -20,6 +22,7 @@
     "@fastify/websocket": "^10.0.1",
     "@sinclair/typebox": "^0.32.9",
     "dprint": "^0.46.1",
+    "bcrypt": "^5.1.1",
     "bcryptjs": "^2.4.3",
     "fastify": "^4.27.0",
     "nanoid": "^5.0.4",

src/bcrypt.ts

@@ -1,18 +0,0 @@
-import * as bcrypt from "bcryptjs";
-
-const saltRounds = 10; // Le nombre de tours de salage
-
-/* Fonction pour hasher le mot de passe */
-export async function hashPassword(password: string): Promise<string> {
-  const hashedPassword = await bcrypt.hash(password, saltRounds);
-  return hashedPassword;
-}
-
-/* Fonction pour vérifier le mot de passe */
-export async function comparePassword(
-  plainPassword: string,
-  hashedPassword: string
-): Promise<boolean> {
-  const isMatch = await bcrypt.compare(plainPassword, hashedPassword);
-  return isMatch;
-}

src/database.ts

@@ -141,7 +141,7 @@ export async function insertUser(
 /* Vérifier si un utilisateur existe dans la table registered_user */
 export async function verifyUser(
   db: sqlite3.Database,
-  login: string
+  login: string,
 ): Promise<User | null> {
   const verifyUserQuery = `SELECT login, password FROM registered_user WHERE login = ?`;
 

src/server.ts

@@ -3,12 +3,12 @@ import { ChangeSet, Text } from "@codemirror/state";
 import cors from "@fastify/cors";
 import { Type, TypeBoxTypeProvider } from "@fastify/type-provider-typebox";
 import websocket, { WebSocket } from "@fastify/websocket";
+import bcrypt from "bcrypt";
 import Fastify, { FastifyReply } from "fastify";
 import { nanoid } from "nanoid";
 import { allocateBuffer, getRunner } from "runner";
 import { Pull, Push } from "zeromq";
 import * as db from "./database";
-import { hashPassword } from "bcrypt";
 
 const sender = new Push();
 await sender.bind(`tcp://127.0.0.1:5557`);
@@ -166,6 +166,8 @@ const database = db.openDatabase();
 /* Créer les tables si elles n'existent pas */
 db.createTables(database);
 
+const salt = 10;
+
 /* Route pour créer un utilisateur */
 fastify.post(
   "/users",
@@ -180,14 +182,18 @@ fastify.post(
   },
   async (request, reply) => {
     const { login, password, permissions } = request.body;
-    // Hasher le mot de passe avant de l'insérer dans la base de données (en type string)
-    const hashedPassword = (await hashPassword(password)) as string;
-    if (!(await db.insertUser(database, login, hashedPassword, permissions))) {
+
+    bcrypt.hash(password, salt, async (err, hash) => {
+      if (err) {
+        reply.send({ success: false });
+      }
+      if (!(await db.insertUser(database, login, hash, permissions))) {
         reply.send({ success: false });
       } else {
         reply.send({ success: true });
       }
-  }
+    });
+  },
 );
 
 /* Route pour vérifier si un utilisateur existe */
@@ -205,12 +211,10 @@ fastify.post(
     const { login, password } = request.body;
     const user = await db.verifyUser(database, login);
 
-    if (user === null || user.password !== password) {
-      reply.send({ success: false });
-    } else {
-      reply.send({ success: true });
-    }
-  }
+    bcrypt.compare(password, user!.password)
+      .then(res => reply.send({ sucess: res }))
+      .catch(err => reply.send({ sucess: false }));
+  },
 );
 
 /* Route pour mettre à jour le login d'un utilisateur */