From 5b6da560896970c610c691dff6ed052a57ed5a1d Mon Sep 17 00:00:00 2001 From: Julien Dessaux Date: Sat, 16 Nov 2024 00:36:17 +0100 Subject: fix(tfstated): hash passwords instead of relying on the database encryption key --- pkg/database/sql/000_init.sql | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'pkg/database/sql') diff --git a/pkg/database/sql/000_init.sql b/pkg/database/sql/000_init.sql index c56473f..b635442 100644 --- a/pkg/database/sql/000_init.sql +++ b/pkg/database/sql/000_init.sql @@ -5,7 +5,8 @@ CREATE TABLE schema_version ( CREATE TABLE accounts ( id INTEGER PRIMARY KEY, username TEXT NOT NULL, - password BLOB NOT NULL, + salt BLOB NOT NULL, + password_hash BLOB NOT NULL, is_admin INTEGER NOT NULL DEFAULT FALSE, created INTEGER NOT NULL DEFAULT (unixepoch()), last_login INTEGER NOT NULL DEFAULT (unixepoch()), -- cgit v1.2.3