fix: make legacy PIN rehash non-blocking in verify_pin (#54)
Replace hash_pin(pin)? with hash_pin(pin).ok() so that a rehash failure does not propagate as an error. The user can now switch profiles even if the Argon2id re-hashing step fails — the PIN is still correctly verified, and the legacy hash remains until the next successful login. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
escouade-bot
parent
8e27be8c41
commit
086650c88a
1 changed files with 4 additions and 3 deletions
|
|
@ -191,9 +191,10 @@ pub fn verify_pin(pin: String, stored_hash: String) -> Result<VerifyPinResult, S
|
||||||
let valid: bool = result.as_slice().ct_eq(&expected_hash).into();
|
let valid: bool = result.as_slice().ct_eq(&expected_hash).into();
|
||||||
|
|
||||||
if valid {
|
if valid {
|
||||||
// Re-hash with Argon2id so this legacy PIN is upgraded
|
// Re-hash with Argon2id so this legacy PIN is upgraded.
|
||||||
let new_hash = hash_pin(pin)?;
|
// If rehash fails, still allow login — don't block the user.
|
||||||
Ok(VerifyPinResult { valid: true, rehashed: Some(new_hash) })
|
let rehashed = hash_pin(pin).ok();
|
||||||
|
Ok(VerifyPinResult { valid: true, rehashed })
|
||||||
} else {
|
} else {
|
||||||
Ok(VerifyPinResult { valid: false, rehashed: None })
|
Ok(VerifyPinResult { valid: false, rehashed: None })
|
||||||
}
|
}
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue