encryption

server/utils/database.ts

@@ -1,5 +1,6 @@
 import Database from 'better-sqlite3'
 import { join } from 'path'
+import bcrypt from 'bcrypt'
 
 let db: Database.Database | null = null
 
@@ -52,15 +53,17 @@ export function getDatabase() {
       )
     `)
     
-    // Insert default admin user from environment variables
-    // In production, this should be hashed properly
+    // Insert default admin user from environment variables with hashed password
     const config = useRuntimeConfig()
     const adminUsername = config.adminUsername
     const adminPassword = config.adminPassword
     
     const userExists = db.prepare('SELECT COUNT(*) as count FROM users WHERE username = ?').get(adminUsername) as { count: number }
     if (userExists.count === 0) {
-      db.prepare('INSERT INTO users (username, password) VALUES (?, ?)').run(adminUsername, adminPassword)
+      // Hash the password before storing
+      const saltRounds = 10
+      const hashedPassword = bcrypt.hashSync(adminPassword, saltRounds)
+      db.prepare('INSERT INTO users (username, password) VALUES (?, ?)').run(adminUsername, hashedPassword)
     }
   }