From 40070557b7aee861aa377cd1eaea222baa2d49c3 Mon Sep 17 00:00:00 2001 From: Eduard Urbach Date: Tue, 30 Jan 2024 12:50:47 +0100 Subject: [PATCH] Implemented basic hashing --- client/network/Login.gd | 2 +- server/game/Login.go | 10 +++++++++- 2 files changed, 10 insertions(+), 2 deletions(-) diff --git a/client/network/Login.gd b/client/network/Login.gd index 9bd5c43..21483bf 100644 --- a/client/network/Login.gd +++ b/client/network/Login.gd @@ -22,7 +22,7 @@ func send_login(): if is_logged_in(): return - var password := "password" + var password := "password".sha256_text() var buffer := StreamPeerBuffer.new() buffer.put_8(Packet.LOGIN) buffer.put_data(JSON.stringify([Global.username, password]).to_utf8_buffer()) diff --git a/server/game/Login.go b/server/game/Login.go index cf96196..4da228a 100644 --- a/server/game/Login.go +++ b/server/game/Login.go @@ -2,7 +2,9 @@ package game import ( "crypto/rand" + "crypto/sha256" "encoding/base64" + "encoding/hex" "encoding/json" "errors" "net" @@ -17,6 +19,7 @@ var ( ErrAlreadyLoggedIn = errors.New("already logged in") ErrUnknownAccount = errors.New("unknown account") ErrWrongPassword = errors.New("wrong password") + testPassword = sha256Text("password") ) // Login checks the account credentials and gives a network peer access to an account. @@ -42,7 +45,7 @@ func (game *Game) Login(data []byte, address *net.UDPAddr) error { return ErrUnknownAccount } - if password != "password" { + if password != testPassword { game.server.Send(Login, []byte{Failure}, address) return ErrWrongPassword } @@ -91,3 +94,8 @@ func createAuthToken() string { rand.Read(randomBytes) return base64.StdEncoding.EncodeToString(randomBytes) } + +func sha256Text(password string) string { + sum := sha256.Sum256([]byte(password)) + return hex.EncodeToString(sum[:]) +}