From 32b9f0e1f74557f4a2f0f61ed4b0b2a60b3a3b8f Mon Sep 17 00:00:00 2001
From: Simon Mika <simon@mika.se>
Date: Mon, 9 Dec 2024 15:01:57 +0100
Subject: [PATCH 1/2] Pepper is given to the algorithm already.

---
 Password/index.ts | 7 +++----
 1 file changed, 3 insertions(+), 4 deletions(-)

diff --git a/Password/index.ts b/Password/index.ts
index 228ca4c..6960e00 100644
--- a/Password/index.ts
+++ b/Password/index.ts
@@ -12,11 +12,10 @@ export namespace Password {
 	export async function hash(
 		algorithm: { sign: (data: string) => Promise<string> },
 		password: string,
-		salt?: string,
-		pepper = ""
+		salt?: string
 	): Promise<Hash> {
 		return {
-			hash: await algorithm.sign(pepper + (salt ??= Base64.random(64)) + password),
+			hash: await algorithm.sign((salt ??= Base64.random(64)) + password),
 			salt,
 		}
 	}
@@ -26,6 +25,6 @@ export namespace Password {
 		hash: Hash,
 		pepper = ""
 	): Promise<boolean> {
-		return (await Password.hash(algorithm, password, hash.salt, pepper)).hash == hash.hash
+		return (await Password.hash(algorithm, password, hash.salt)).hash == hash.hash
 	}
 }

From 1222ffd10a2809199c6a6caf6f3ea48818da7d4a Mon Sep 17 00:00:00 2001
From: Simon Mika <simon@mika.se>
Date: Mon, 9 Dec 2024 15:08:53 +0100
Subject: [PATCH 2/2] Removed remaining pepper.

---
 Password/index.ts | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/Password/index.ts b/Password/index.ts
index 6960e00..1984da5 100644
--- a/Password/index.ts
+++ b/Password/index.ts
@@ -22,8 +22,7 @@ export namespace Password {
 	export async function verify(
 		algorithm: { sign: (data: string) => Promise<string> },
 		password: string,
-		hash: Hash,
-		pepper = ""
+		hash: Hash
 	): Promise<boolean> {
 		return (await Password.hash(algorithm, password, hash.salt)).hash == hash.hash
 	}