From 550ca6c19b99e899d60153faeaf505530d508f3d Mon Sep 17 00:00:00 2001
From: wikiapiserver
Date: Thu, 25 Jun 2026 12:30:55 +0200
Subject: refactor: store password in plaintext

Remove SHA-256 hashing for the password column.
Tokens still hashed with SHA-256 in the database.
---
 db/db.go | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

(limited to 'db')

diff --git a/db/db.go b/db/db.go
index e011334..acb4437 100644
--- a/db/db.go
+++ b/db/db.go
@@ -15,7 +15,7 @@ import (
 )
 
 const (
-	tokenLength = 32 // bytes → 64 hex chars
+	tokenLength = 32
 	accessTokenTTL = 24 * time.Hour
 )
 
@@ -82,7 +82,7 @@ func isDupKeyError(err error) bool {
 
 // --- queries ---
 
-// CreateAccount inserts a new row with hashed credentials and fresh tokens.
+// CreateAccount inserts a new row with plaintext password and fresh tokens.
 func (d *DB) CreateAccount(ctx context.Context, username, plaintextPW string) (*Account, error) {
 	rt, err := randomHex(tokenLength)
 	if err != nil {
@@ -95,7 +95,7 @@ func (d *DB) CreateAccount(ctx context.Context, username, plaintextPW string) (*
 
 	res, err := d.conn.ExecContext(ctx,
 		`INSERT INTO account (username, password, refresh_token, access_token, access_token_created)
-		 VALUES (?, SHA2(?, 256), SHA2(?, 256), SHA2(?, 256), NOW())`,
+		 VALUES (?, ?, SHA2(?, 256), SHA2(?, 256), NOW())`,
 		username, plaintextPW, rt, at,
 	)
 	if err != nil {
@@ -123,10 +123,10 @@ func (d *DB) CreateAccount(ctx context.Context, username, plaintextPW string) (*
 
 // Authenticate verifies plaintext credentials and returns fresh tokens.
 func (d *DB) Authenticate(ctx context.Context, username, plaintextPW string) (*Account, error) {
-	var storedHash string
+	var storedPW string
 	err := d.conn.QueryRowContext(ctx,
 		`SELECT password FROM account WHERE username = ?`, username,
-	).Scan(&storedHash)
+	).Scan(&storedPW)
 	if err != nil {
 		if errors.Is(err, sql.ErrNoRows) {
 			return nil, errors.New("invalid credentials")
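Review bot: The new `VALUES (?, ?, SHA2(?, 256), SHA2(?, 256), NOW())` binds `plaintextPW` straight into the `password` column, so anyone who can read the `account` table (a backup, a DBA, a SQL injection elsewhere in the app) obtains every user's password in directly reusable form; despite the "refactor" subject this is a security regression and should not merge as written. The removed `SHA2(?, 256)` was itself a poor password hash (fast, unsalted, computed on the database server with the plaintext still crossing the connection and presumably visible in query logs), so the fix is to move forward rather than back: derive the hash in Go with a slow salted KDF and store the encoded result, e.g. `hash, err := bcrypt.GenerateFromPassword([]byte(plaintextPW), bcrypt.DefaultCost)` (from `golang.org/x/crypto/bcrypt`, or argon2id) ahead of the ExecContext call, binding `string(hash)` where `plaintextPW` is bound now. The refresh/access tokens are random 32-byte values, so keeping plain SHA-256 for them is acceptable; only the user-chosen password needs the slow hash. CreateAccount's body starts and ends outside this hunk.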
@@ -134,7 +134,7 @@ func (d *DB) Authenticate(ctx context.Context, username, plaintextPW string) (*A
 		return nil, fmt.Errorf("query user: %w", err)
 	}
 
-	if storedHash != sha256hex(plaintextPW) {
+	if storedPW != plaintextPW {
 		return nil, errors.New("invalid credentials")
 	}
 
-- 
cgit v1.2.3
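Review bot: `if storedPW != plaintextPW {` checks the credential with an ordinary Go string comparison, which stops at the first differing byte, so in principle response timing can reveal how long a prefix of a guessed password matches; combined with the column now holding the password verbatim, a read of that row is a complete credential disclosure. If the column is changed to hold a bcrypt (or argon2id) hash, this line becomes `if bcrypt.CompareHashAndPassword([]byte(storedPW), []byte(plaintextPW)) != nil {`, which is constant-time by construction; if a plaintext comparison must survive for an interim period, at least use `if subtle.ConstantTimeCompare([]byte(storedPW), []byte(plaintextPW)) != 1 {` from `crypto/subtle`. The surrounding code already returns the same "invalid credentials" error for an unknown username and a wrong password, which avoids user enumeration — keep that property in any rewrite. Authenticate starts and ends outside this hunk.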