Fix resetting password

This commit is contained in:
Trevor Slocum 2023-12-14 21:44:11 -08:00
parent c2d1c705ac
commit 93cfc4da05
3 changed files with 4 additions and 4 deletions

View file

@ -244,7 +244,7 @@ func resetAccount(mailServer string, resetSalt string, email []byte) error {
return nil
}
func confirmResetAccount(resetSalt string, id int, key string) (string, error) {
func confirmResetAccount(resetSalt string, passwordSalt string, id int, key string) (string, error) {
if db == nil {
return "", nil
} else if id == 0 {
@ -282,7 +282,7 @@ func confirmResetAccount(resetSalt string, id int, key string) (string, error) {
newPassword := randomAlphanumeric(7)
passwordHash, err := argon2id.CreateHash(newPassword, passwordArgon2id)
passwordHash, err := argon2id.CreateHash(newPassword+passwordSalt, passwordArgon2id)
if err != nil {
return "", err
}

View file

@ -27,7 +27,7 @@ func resetAccount(mailServer string, resetSalt string, email []byte) error {
return nil
}
func confirmResetAccount(resetSalt string, id int, key string) (string, error) {
func confirmResetAccount(resetSalt string, passwordSalt string, id int, key string) (string, error) {
return "", nil
}

View file

@ -148,7 +148,7 @@ func (s *server) handleResetPassword(w http.ResponseWriter, r *http.Request) {
}
key := vars["key"]
newPassword, err := confirmResetAccount(s.resetSalt, id, key)
newPassword, err := confirmResetAccount(s.resetSalt, s.passwordSalt, id, key)
if err != nil {
log.Printf("failed to reset password: %s", err)
}