From 5b11d38d1dbdea41a8905cf88e6f2b555b8cfb29 Mon Sep 17 00:00:00 2001
From: Jiyun Park <80032256+cho-to@users.noreply.github.com>
Date: Wed, 22 May 2024 07:20:33 +0900
Subject: [PATCH] fix(be): add argon2 hash options (#1700)
* fix(be): add argon2 hash options
* chore(be): constantization argon2 hash option
---------
Co-authored-by: Jaehyeon Kim
Co-authored-by: Jaehyeon Kim <65964601+Jaehyeon1020@users.noreply.github.com>
---
 apps/backend/apps/client/src/user/user.service.ts | 6 +++---
 apps/backend/libs/constants/src/argon2.constants.ts | 5 +++++
 apps/backend/libs/constants/src/index.ts | 1 +
 3 files changed, 9 insertions(+), 3 deletions(-)
 create mode 100644 apps/backend/libs/constants/src/argon2.constants.ts
diff --git a/apps/backend/apps/client/src/user/user.service.ts b/apps/backend/apps/client/src/user/user.service.ts
index 283961a50a..d215092d15 100644
--- a/apps/backend/apps/client/src/user/user.service.ts
+++ b/apps/backend/apps/client/src/user/user.service.ts
@@ -12,7 +12,7 @@ import { generate } from 'generate-password'
 import { ExtractJwt } from 'passport-jwt'
 import { type AuthenticatedRequest, JwtAuthService } from '@libs/auth'
 import { emailAuthenticationPinCacheKey } from '@libs/cache'
-import { EMAIL_AUTH_EXPIRE_TIME } from '@libs/constants'
+import { EMAIL_AUTH_EXPIRE_TIME, ARGON2_HASH_OPTION } from '@libs/constants'
 import {
 ConflictFoundException,
 DuplicateFoundException,
@@ -186,7 +186,7 @@ export class UserService {
 email
 },
 data: {
- password: await hash(newPassword)
+ password: await hash(newPassword, ARGON2_HASH_OPTION)
 }
 })
 this.logger.debug(user, 'updateUserPasswordInPrisma')
@@ -351,7 +351,7 @@ export class UserService {
 }
 async createUser(signUpDto: SignUpDto): Promise {
- const encryptedPassword = await hash(signUpDto.password)
+ const encryptedPassword = await hash(signUpDto.password, ARGON2_HASH_OPTION)
 const user = await this.prisma.user.create({
 data: {
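Review bot: The context line `this.logger.debug(user, 'updateUserPasswordInPrisma')` in the `@@ -186,7` hunk of user.service.ts logs what appears to be the record returned by the update whose `data` sets `password`, so the freshly computed Argon2 digest would reach the debug log unless the query (which starts outside the hunk) uses a `select` that omits it. Logging only a non-secret identifier avoids that, for example `this.logger.debug({ email }, 'updateUserPasswordInPrisma')`. Separately, in the `@@ -351,7` hunk the result of `hash()` is named `encryptedPassword`; it is a one-way digest, so `hashedPassword` would describe it more accurately. Both enclosing methods start and end outside their hunks.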
diff --git a/apps/backend/libs/constants/src/argon2.constants.ts b/apps/backend/libs/constants/src/argon2.constants.ts
new file mode 100644
index 0000000000..edc4da8e7b
--- /dev/null
+++ b/apps/backend/libs/constants/src/argon2.constants.ts
@@ -0,0 +1,5 @@
+export const ARGON2_HASH_OPTION = {
+ timeCost: 2,
+ memoryCost: 2 ** 11,
+ parallelism: 1
+}
diff --git a/apps/backend/libs/constants/src/index.ts b/apps/backend/libs/constants/src/index.ts
index c7bfca4744..a657100fb6 100644
--- a/apps/backend/libs/constants/src/index.ts
+++ b/apps/backend/libs/constants/src/index.ts
@@ -2,3 +2,4 @@ export * from './oauth.constants'
 export * from './time.constants'
 export * from './rabbitmq.constants'
 export * from './submission.constants'
+export * from './argon2.constants'
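Review bot: `memoryCost: 2 ** 11` in argon2.constants.ts is only 2 MiB if these options are passed to node-argon2's `hash` (the import is outside the diff; that library takes memoryCost in KiB), which is well under the 19 MiB with `timeCost: 2` and `parallelism: 1` that the OWASP Password Storage Cheat Sheet gives as a minimum Argon2id configuration. Unless a measured latency or memory budget forces this value, raise it to `memoryCost: 19 * 1024,` or higher, and put a comment on the constant stating the unit and the reason for the chosen values. Digests already stored keep the parameters they were created with, so existing accounts only pick up a stronger setting if a rehash-on-login step is added. Adding `as const` after the closing brace would also stop the shared options object from being mutated by accident.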