diff options
| author | Kegsay <kegan@matrix.org> | 2021-03-08 13:19:02 +0000 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2021-03-08 13:19:02 +0000 |
| commit | 850abb1dde2ce6f85554457e3ee94a9837e13897 (patch) | |
| tree | 4b9068e9e4bca77ac1be1291c10fc53d8a704648 /userapi/storage/accounts/postgres/storage.go | |
| parent | c3ad2cca49a7ad5890dddf2d8eec3e3cbbff16d1 (diff) | |
Make bcrypt cost configurable (#1793)
Diffstat (limited to 'userapi/storage/accounts/postgres/storage.go')
| -rw-r--r-- | userapi/storage/accounts/postgres/storage.go | 12 |
1 files changed, 7 insertions, 5 deletions
diff --git a/userapi/storage/accounts/postgres/storage.go b/userapi/storage/accounts/postgres/storage.go index e6adbfd8..3933fe5b 100644 --- a/userapi/storage/accounts/postgres/storage.go +++ b/userapi/storage/accounts/postgres/storage.go @@ -44,10 +44,11 @@ type Database struct { accountDatas accountDataStatements threepids threepidStatements serverName gomatrixserverlib.ServerName + bcryptCost int } // NewDatabase creates a new accounts and profiles database -func NewDatabase(dbProperties *config.DatabaseOptions, serverName gomatrixserverlib.ServerName) (*Database, error) { +func NewDatabase(dbProperties *config.DatabaseOptions, serverName gomatrixserverlib.ServerName, bcryptCost int) (*Database, error) { db, err := sqlutil.Open(dbProperties) if err != nil { return nil, err @@ -56,6 +57,7 @@ func NewDatabase(dbProperties *config.DatabaseOptions, serverName gomatrixserver serverName: serverName, db: db, writer: sqlutil.NewDummyWriter(), + bcryptCost: bcryptCost, } // Create tables before executing migrations so we don't fail if the table is missing, @@ -131,7 +133,7 @@ func (d *Database) SetDisplayName( func (d *Database) SetPassword( ctx context.Context, localpart, plaintextPassword string, ) error { - hash, err := hashPassword(plaintextPassword) + hash, err := d.hashPassword(plaintextPassword) if err != nil { return err } @@ -175,7 +177,7 @@ func (d *Database) createAccount( // Generate a password hash if this is not a password-less user hash := "" if plaintextPassword != "" { - hash, err = hashPassword(plaintextPassword) + hash, err = d.hashPassword(plaintextPassword) if err != nil { return nil, err } @@ -246,8 +248,8 @@ func (d *Database) GetNewNumericLocalpart( return d.accounts.selectNewNumericLocalpart(ctx, nil) } -func hashPassword(plaintext string) (hash string, err error) { - hashBytes, err := bcrypt.GenerateFromPassword([]byte(plaintext), bcrypt.DefaultCost) +func (d *Database) hashPassword(plaintext string) (hash string, err error) { + hashBytes, err := bcrypt.GenerateFromPassword([]byte(plaintext), d.bcryptCost) return string(hashBytes), err } |