我正在构建一个基本的身份验证设置,类似于在Vapor的auth-template模板中使用它(从
here开始).我将所有内容设置为与模板中相同的方式.
static func create(_ req: Request,newUserRequest user: createuserRequest) throws -> Future<User.Public> { return User.query(on: req).filter(\.username == user.username).first().flatMap { existingUser in guard existingUser == nil else { throw Abort(.badRequest,reason: "A user with the given username already exists.") } guard user.password == user.passwordVerification else { throw Abort(.badRequest,reason: "Given passwords did not match.") } let count = 16 var pw_salt_data = Data(count: count) let _ = pw_salt_data.withUnsafeMutableBytes { mutableBytes in SecRandomcopyBytes(kSecRandomDefault,count,mutableBytes) } let pw_salt = try BCrypt.hash(pw_salt_data.base64EncodedString()) let pw_hash = try BCrypt.hash(pw_salt + user.password) return User(id: nil,username: user.username,pw_hash: pw_hash,pw_salt: pw_salt,email: user.email).save(on: req).toPublic() } }
但是在登录期间执行身份验证时无法检索该盐:
static func login(_ req: Request) throws -> Future<UserToken> {
let user = try req.requireAuthenticated(User.self)
let token = try UserToken.create(userID: user.requireID())
return token.save(on: req)
}
解决方法
版权声明:本文内容由互联网用户自发贡献,该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 [email protected] 举报,一经查实,本站将立刻删除。
