hash in ruby

Author: nna774

app/webapp/ruby/lib/torb/web.rb

@@ -3,6 +3,7 @@
 require 'erubi'
 require 'mysql2'
 require 'mysql2-cs-bind'
+require 'openssl'
 
 module Torb
   class Web < Sinatra::Base
@@ -272,7 +273,7 @@ def render_report_csv(reports)
       password   = body_params['password']
 
       user      = db.xquery('SELECT * FROM users WHERE login_name = ?', login_name).first
-      pass_hash = db.xquery('SELECT SHA2(?, 256) AS pass_hash', password).first['pass_hash']
+      pass_hash = OpenSSL::Digest::SHA256.hexdigest(password)
       halt_with_error 401, 'authentication_failed' if user.nil? || pass_hash != user['pass_hash']
 
       session['user_id'] = user['id']