Protecting your passwords
For protecting the user passwords or other sensitive data, we can use ocaml-safepass.
We can now write the encrypted password in our database (using Ocsipersist.table in this example) as follow:
let table =
Ocsipersist.Polymorphic.open_table "users"
let add_user username password =
(* Check if the user is already exist *)
Lwt.try_bind
(fun () -> Ocsipersist.Polymorphic.find table username)
(fun _ -> Lwt.return false)
(function
| Not_found ->
Ocsipersist.Polymorphic.add table username
(Bcrypt.hash password, email)
>>= fun () ->
Lwt.return true
| e -> Lwt.fail e
)