Merge branch 'master' of gitea.leon.etiennes.de:leonetienne/Sellery

2022-04-10 16:22:23 +02:00 · 2022-04-10 16:22:23 +02:00 · 07b2468a6f
commit 07b2468a6f
parent 097e6fe122 9d1f364f05
3 changed files with 16 additions and 15 deletions
--- a/config.toml
+++ b/config.toml
@ -8,7 +8,7 @@
 WEBROOT = '/var/www/html'

 # This is the SHA512 digest to check the password against
-PASSWD_HASH = 'a3c1443b087cf5338d3696f6029fdf791ee4829a27e19c9f257a06ca0d88b5b518ac9868bb13199e807553bda62d3dc15b6354862f34fcab0a7c4c45530349ea'
+PASSWD_HASH = '034ff213a060a0888230c3934cfb1cb1f80ab3f211a114b713598efac2d1a68f8d3402c6b08ace2f3990c4c029351d1141cf47ebc378fc9a83a5dddda6e38a8c'

 # Sessions stay valid this many seconds, if inactive. Default: 600 (=10 minutes)
 SESSION_DURATION = 600
--- a/entrypoint.sh
+++ b/entrypoint.sh
@ -1,18 +1,5 @@
 #!/bin/bash

-# # CD into our application directory
-# echo CD into our application directory
-# cd /app
-# 
-# # Use the correct node version
-# echo Use the correct node version
-# npm install -g n
-# n install `cat .nvmrc`
-# 
-# # Install all our packages
-# echo Install all our packages
-# npm install
-
 # Start the server
 echo Start the server
 exec $@
--- a/server.js
+++ b/server.js
@ -103,6 +103,20 @@ function SHA512Digest(string) {
  return crypto.createHash('sha512').update(string, 'utf-8').digest('hex');
 }

+//! Duh?
+function hashPassword(password) {
+  // Salt it
+  password = 'PQoFvPytZyi7yW/uX4IQ5I' + password + 'ZNUwEfVyn55pI91Myp2+RrOXWFtx5';
+
+  // Shake it
+  for (let i = 0; i < password.length * 500; i++) {
+    password = SHA512Digest(password + 'z4J7qWugOOfjd8FBbpcFyANjfe4axc4fM2Dj65IMr')
+  }
+
+  // Serve it
+  return password;
+}
+
 //! This function simply serves the authentication page
 function serveAuthenticatePage(request, response) {
  fs.readFile(__dirname + '/authenticate.html', function (error, data) {
@ -146,7 +160,7 @@ function testAuthentication(request, response) {
      // Extract password from the request and hash it
      const postData = querystring.parse(requestBody);
      const password = postData['password'];
-      const passwordHash = SHA512Digest(password);
+      const passwordHash = hashPassword(password);

      // Is the password good?
      if (passwordHash === config.PASSWD_HASH) {