Ion Auth - Lightweight Auth System based on Redux Auth 2

[eluser]Sinclair[/eluser]
Ok done with the password hashing in PostgreSQL.

To hash passwords like this:

Code:

return  $salt . substr(sha1($salt . $password), 0, -10);

We need two functions in PlpgSQL:

Code:

CREATE OR REPLACE FUNCTION sha1(bytea) returns text AS $$
      SELECT encode(digest($1, 'sha1'), 'hex')
    $$ LANGUAGE SQL STRICT IMMUTABLE;

Code:

CREATE OR REPLACE FUNCTION "public"."hash_password" (pPASSWORD varchar) RETURNS varchar AS
$body$    
    DECLARE
    pPASSWORD                     alias for $1;
    vSALT                        varchar;
    vTO_HASH                    bytea;
    vHASHED                        varchar;

    
    BEGIN
    select INTO vSALT substr(gen_salt('md5'), 0, 10) as salt;

    vTO_HASH := vSALT || pPASSWORD;
    SELECT INTO vHASHED vSALT || substr(sha1(vTO_HASH), 0, 30) as hashed;
    
    RETURN vHASHED;
    END;
$body$
LANGUAGE 'plpgsql' VOLATILE RETURNS NULL ON NULL INPUT SECURITY DEFINER;

Then we can call the HASH_PASSWORD function, just like:

Code:

select hash_password('123456789')

Just in case that someone need to generate users in the database(PostgreSQL).

Best Regards,