From 7e39afa29f1674df4cac51c7894181f55f66aa12 Mon Sep 17 00:00:00 2001
From: Mohamed Bassem <me@mbassem.com>
Date: Tue, 15 Apr 2025 19:36:51 +0000
Subject: fix: Add password salt to the user table

---
 packages/trpc/routers/admin.ts | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

(limited to 'packages/trpc/routers/admin.ts')

diff --git a/packages/trpc/routers/admin.ts b/packages/trpc/routers/admin.ts
index 9b44f7c9..85869ba8 100644
--- a/packages/trpc/routers/admin.ts
+++ b/packages/trpc/routers/admin.ts
@@ -22,7 +22,7 @@ import {
   zAdminCreateUserSchema,
 } from "@karakeep/shared/types/admin";
 
-import { hashPassword } from "../auth";
+import { generatePasswordSalt, hashPassword } from "../auth";
 import { adminProcedure, router } from "../index";
 import { createUser } from "./users";
 
@@ -338,10 +338,11 @@ export const adminAppRouter = router({
           message: "Cannot reset own password",
         });
       }
-      const hashedPassword = await hashPassword(input.newPassword);
+      const newSalt = generatePasswordSalt();
+      const hashedPassword = await hashPassword(input.newPassword, newSalt);
       const result = await ctx.db
         .update(users)
-        .set({ password: hashedPassword })
+        .set({ password: hashedPassword, salt: newSalt })
         .where(eq(users.id, input.userId));
 
       if (result.changes == 0) {
-- 
cgit v1.2.3-70-g09d2