From 71744e0d16a23acde3e743c94838dbae9af057a9 Mon Sep 17 00:00:00 2001
From: troido <troido@protonmail.com>
Date: Thu, 23 Apr 2020 23:34:51 +0200
Subject: hash the password server-side too

---
 src/gameserver.rs | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

(limited to 'src/gameserver.rs')

diff --git a/src/gameserver.rs b/src/gameserver.rs
index 37b889f..4947c8d 100644
--- a/src/gameserver.rs
+++ b/src/gameserver.rs
@@ -209,8 +209,7 @@ impl GameServer {
 							println!("Name mismatch: user entry for {:?} has name {}", player, user.name);
 							return Err(merr!("server", "name mismatch"));
 						}
-						if token != user.pass_token {
-							println!("password mismatch: '{}' '{}'", token, user.pass_token);
+						if !user.validate_token(&token) {
 							return Err(merr!("invalidtoken", "invalid pass token"));
 						}
 						()
-- 
cgit