.gitignore

@@ -1,10 +1,10 @@
 logs/
 nginx.conf.compiled
+db.*.sqlite
 .vscode/
 .local/
-data/static/avatars/*
+static/avatars/*
-!data/static/avatars/default.webp
+!static/avatars/default.webp
-data/db/*
 secrets.lua
 
 .first_launch.*

apps/users.lua

@@ -5,7 +5,7 @@ local constants = require("constants")
 
 local util = require("util")
 
-local auth = require("lib.auth")
+local bcrypt = require("bcrypt")
 local rand = require("openssl.rand")
 
 local models = require("models")
@@ -14,7 +14,7 @@ local Sessions = models.Sessions
 local Avatars = models.Avatars
 
 local function authenticate_user(user, password)
-  return auth.verify(password, user.password_hash)
+  return bcrypt.verify(password, user.password_hash)
 end
 
 local function create_session_key()
@@ -321,7 +321,7 @@ app:post("user_signup", "/signup", function(self)
 
   local new_user = Users:create({
     username = username,
-    password_hash = auth.digest(password),
+    password_hash = bcrypt.digest(password, constants.BCRYPT_ROUNDS),
     permission = constants.PermissionLevel.GUEST,
   })
 

config.lua

@@ -7,7 +7,7 @@ config({"development", "production"}, {
   code_cache = "off",
   num_workers = "1",
   sqlite = {
-    database = "data/db/db.dev.sqlite"
+    database = "db.dev.sqlite"
   },
   secret = "SUPER SECRET",
   session_name = "porom_session",
@@ -20,7 +20,7 @@ config("production", {
   },
   secret = secrets.key,
   sqlite = {
-    database = "data/db/db.prod.sqlite"
+    database = "db.prod.sqlite"
   },
   session_name = "porom_session_s"
 })

create_default_accounts.lua

@@ -1,4 +1,4 @@
-local auth = require("lib.auth")
+local bcrypt = require("bcrypt")
 local models = require("models")
 local constants = require("constants")
 
@@ -29,7 +29,7 @@ local function create_admin()
     password = password .. alphabet:sub(randi, randi)
   end
 
-  local hash = auth.digest(password)
+  local hash = bcrypt.digest(password, constants.BCRYPT_ROUNDS)
 
   models.Users:create({
     username = username,

lib/auth.lua

@@ -1,16 +0,0 @@
-local auth = {}
-
-local ls = require "luasodium"
-
-function auth.digest(password)
-  return ls.crypto_pwhash_str(
-    password,
-    ls.crypto_pwhash_OPSLIMIT_INTERACTIVE,
-    ls.crypto_pwhash_MEMLIMIT_INTERACTIVE)
-end
-
-function auth.verify(password, hash)
-  return ls.crypto_pwhash_str_verify(hash, password)
-end
-
-return auth

nginx.conf

@@ -26,15 +26,15 @@ http {
     }
 
     location /static/ {
-      alias data/static/;
+      alias static/;
     }
 
     location /favicon.ico {
-      alias data/static/favicon.ico;
+      alias static/favicon.ico;
     }
     
     location /avatars {
-      alias data/static/avatars;
+      alias static/avatars;
       expires 1y;
     }
   }

porom-dev-1.rockspec

@@ -16,7 +16,7 @@ dependencies = {
   "lapis == 1.16.0",
   "lsqlite3",
   "magick",
-  "luasodium",
+  "bcrypt",
   "luaossl",
 }
 

start.sh

@@ -7,10 +7,9 @@ start() {
 first_launch() {
   echo "Setting up for the first time"
   touch ".first_launch.$LAPIS_ENVIRONMENT"
-  mkdir -p data/db
+  lua5.1 schema.lua
-  luajit schema.lua
   lapis migrate
-  luajit create_default_accounts.lua
+  lua5.1 create_default_accounts.lua
 }
 
 if [[ $# -ne 1 ]]; then

views/user/user.etlua

@@ -1,5 +1,5 @@
 <% if infobox then %>
-  <% render("views.common.infobox", infobox) %>
+  <% render("views.common.infobox", pop_infobox) %>
 <% end %>
 <div class="darkbg">
   <h1 class="thread-title">Latest posts by <i><%= user.username %></i></h1>