From 57128304c7b5f56a16cadfb09221018209e596a1 Mon Sep 17 00:00:00 2001 From: Arzumify Date: Mon, 6 May 2024 11:22:39 +0100 Subject: [PATCH] Fixed the sub being longer than 255 characters --- main.go | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/main.go b/main.go index 1fb8c90..9abe68d 100644 --- a/main.go +++ b/main.go @@ -90,7 +90,10 @@ func hash(password, salt string) string { derivedKey, _ := scrypt.Key(passwordBytes, saltBytes, 32768, 8, 1, 64) - hashString := fmt.Sprintf("scrypt:32768:8:1$%s$%s", salt, hex.EncodeToString(derivedKey)) + hashString := fmt.Sprintf("scrypt:32768 + + +:8:1$%s$%s", salt, hex.EncodeToString(derivedKey)) return hashString } @@ -409,7 +412,7 @@ func main() { } }(conn) - _, err = conn.Exec("INSERT INTO users (username, password, created, uniqueid) VALUES (?, ?, ?, ?)", username, hashedPassword, strconv.FormatInt(time.Now().Unix(), 10), genSalt(512)) + _, err = conn.Exec("INSERT INTO users (username, password, created, uniqueid) VALUES (?, ?, ?, ?)", username, hashedPassword, strconv.FormatInt(time.Now().Unix(), 10), genSalt(255)) if err != nil { log.Println("[ERROR] Unknown in /api/signup user creation at", strconv.FormatInt(time.Now().Unix(), 10)+":", err) return @@ -577,7 +580,7 @@ func main() { return } - c.JSON(200, gin.H{"sub": uniqueid, "name": username}) + c.JSON(200, gin.H{"sub": uniqueid[:255], "name": username}) }) router.POST("/api/uniqueid", func(c *gin.Context) { @@ -771,7 +774,7 @@ func main() { } datatemplate := jwt.MapClaims{ - "sub": uniqueid, + "sub": uniqueid[:255], "iss": "https://auth.hectabit.org", "name": username, "aud": appId,