sha256 password

Author: stepbystepcode

user_controller.cc

@@ -1,6 +1,7 @@
 #include <drogon/drogon.h>
 #include <json/json.h>
 #include "mysql.h"
+#include <openssl/sha.h>
 #include "jwt_controller.h"
 #include "msg_controller.h"
 using namespace drogon;
@@ -27,17 +28,32 @@ void Handle(const HttpRequestPtr &req, std::function<void(const HttpResponsePtr
     res->setBody(output);
     callback(res);
 }
+std::string sha256(const std::string str){
+  unsigned char hash[SHA256_DIGEST_LENGTH];
+
+  SHA256_CTX sha256;
+  SHA256_Init(&sha256);
+  SHA256_Update(&sha256, str.c_str(), str.size());
+  SHA256_Final(hash, &sha256);
+
+  std::stringstream ss;
+
+  for(int i = 0; i < SHA256_DIGEST_LENGTH; i++){
+    ss << std::hex << std::setw(2) << std::setfill('0') << static_cast<int>( hash[i] );
+  }
+  return ss.str();
+}
 std::string registerUser(const Json::Value& req_json) {
     // std::cout<<"Receive Username : "<<req_json["username"].asString()<<std::endl;
     // std::cout<<"Receive Passwd: "<<req_json["password"].asString()<<std::endl;
     if (sql_check(req_json["username"].asString())){
-        sql_add(req_json["username"].asString(), req_json["password"].asString(), req_json["avatar"].asInt());
+        sql_add(req_json["username"].asString(), sha256(req_json["password"].asString()), req_json["avatar"].asInt());
         return "Sign up Success";
     }else
         return "User already exist";
 }
 std::string loginUser(const Json::Value& req_json) {
-    if (sql_check(req_json["username"].asString(), req_json["password"].asString())){
+    if (sql_check(req_json["username"].asString(), sha256(req_json["password"].asString()))){
         return "Login Success";
     }else
         return "Login Failed";