Postgresql auth add bcrypt pw hashing

wind-c / comqtt

A lightweight, high-performance go mqtt server(v3.0|v3.1.1|v5.0) supporting distributed cluster

MIT License

972 stars 53 forks source link

Postgresql auth add bcrypt pw hashing #68

Closed asbjorn closed 1 year ago

asbjorn commented 1 year ago

I really don't like storing passwords as plain text in db :) Also added a section in the README.md file to help users create the SQL tables and also creating hashed versions of the MQTT client passwords.

wind-c commented 1 year ago

I'm a big proponent of hashing passwords.

wind-c commented 1 year ago

There are several problems with your PR:

Build failed
There should also be go's bcrypt snippet in the README file
Have redundant "if err! = nil"

Run go build ./... go: downloading golang.org/x/crypto v0.0.0-20220622213112-05595931fe9d go: updates to go.mod needed; to update it: go mod tidy Error: Process completed with exit code 1.

asbjorn commented 1 year ago

Hi @wind-c!

Thanks for the feedback - it seems that I forgot the go mod tidy and the redundant iferr checks. There should also be a section in the README file. Also added a link from bcrypt to its corresponding Wikipedia article.

wind-c commented 1 year ago

good job