To give context, I was doing a job test, and my senior asked me to create a system to mass update the workers turns.Everything was fine until I got stuck in the part where I needed to do the user validation. He asked me to use the entity "Operator" which has the following fields:
id bigint AI PK name varchar(50) user varchar(50) hash varchar(50) idType int atm varchar(50)
The problem is that when the password is saved or updated, it is saved with a salt in SHA1.
1c83055bb43b1a0ac47a0320224b22c198aeaf33 or testeteste
The code on my backend to consult the database and validate the password is:
const queryFinal = `SELECT COUNT(*) FROM operators WHERE user = '${formLogin}' AND atm = sha1('${formPassword}')`;
Point is, how can i know/discover the secret, or is there a function in MySQL to encrypt so i can do the validation
I'm kind of lost right now. I hope someone can shed some light on my problem or share some experience on the matter.