feat: hash client secret

2025-05-25 16:43:17 +02:00
parent 52870cb541
commit dd8c453c54
1 changed files with 9 additions and 1 deletions
--- a/internal/apiservices/routes.go
+++ b/internal/apiservices/routes.go
@ -79,9 +79,15 @@ func (h *ApiServicesHandler) Add(w http.ResponseWriter, r *http.Request) {
 		return
 	}

+	hashSecret, err := util.HashPassword(clientSecret)
+	if err != nil {
+		web.Error(w, "failed to create client secret", http.StatusInternalServerError)
+		return
+	}
+
 	service, err := h.repo.CreateApiService(r.Context(), repository.CreateApiServiceParams{
 		ClientID:     clientId,
-		ClientSecret: clientSecret,
+		ClientSecret: hashSecret,
 		Name:         req.Name,
 		RedirectUris: req.RedirectUris,
 		Scopes:       req.Scopes,
@ -94,6 +100,8 @@ func (h *ApiServicesHandler) Add(w http.ResponseWriter, r *http.Request) {

 	w.Header().Set("Content-Type", "application/json; charset=utf-8")

+	service.ClientSecret = clientSecret
+
 	encoder := json.NewEncoder(w)
 	if err := encoder.Encode(service); err != nil {
 		web.Error(w, "failed to encode response", http.StatusInternalServerError)