From 5b6da560896970c610c691dff6ed052a57ed5a1d Mon Sep 17 00:00:00 2001
From: Julien Dessaux
Date: Sat, 16 Nov 2024 00:36:17 +0100
Subject: fix(tfstated): hash passwords instead of relying on the database
 encryption key

---
 pkg/basic_auth/middleware.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'pkg/basic_auth')

diff --git a/pkg/basic_auth/middleware.go b/pkg/basic_auth/middleware.go
index 1b51c8a..7f8fb4a 100644
--- a/pkg/basic_auth/middleware.go
+++ b/pkg/basic_auth/middleware.go
@@ -27,7 +27,7 @@ func Middleware(db *database.DB) func(http.Handler) http.Handler {
 				http.Error(w, "Forbidden", http.StatusForbidden)
 				return
 			}
-			if password != account.Password {
+			if !account.CheckPassword(password) {
 				http.Error(w, "Forbidden", http.StatusForbidden)
 				return
 			}
-- 
cgit v1.2.3