Fix LegacyScrypt (#1370)

.auri/$e3mj84c4.md

@@ -0,0 +1,6 @@
+---
+package: "lucia" # package name
+type: "patch" # "major", "minor", "patch"
+---
+
+Fix `LegacyScrypt` generating malformed hash (see PR for fix)

packages/lucia/src/crypto.test.ts

@@ -1,5 +1,5 @@
 import { test, expect } from "vitest";
-import { Scrypt } from "./crypto.js";
+import { Scrypt, LegacyScrypt } from "./crypto.js";
 import { encodeHex } from "oslo/encoding";
 
 test("validateScryptHash() validates hashes generated with generateScryptHash()", async () => {
@@ -10,3 +10,12 @@ test("validateScryptHash() validates hashes generated with generateScryptHash()"
 	const falsePassword = encodeHex(crypto.getRandomValues(new Uint8Array(32)));
 	await expect(scrypt.verify(hash, falsePassword)).resolves.toBe(false);
 });
+
+test("LegacyScrypt", async () => {
+	const password = encodeHex(crypto.getRandomValues(new Uint8Array(32)));
+	const scrypt = new LegacyScrypt();
+	const hash = await scrypt.hash(password);
+	await expect(scrypt.verify(hash, password)).resolves.toBe(true);
+	const falsePassword = encodeHex(crypto.getRandomValues(new Uint8Array(32)));
+	await expect(scrypt.verify(hash, falsePassword)).resolves.toBe(false);
+})

packages/lucia/src/crypto.ts

@@ -42,7 +42,7 @@ export class LegacyScrypt implements PasswordHashingAlgorithm {
 	async hash(password: string): Promise<string> {
 		const salt = encodeHex(crypto.getRandomValues(new Uint8Array(16)));
 		const key = await generateScryptKey(password.normalize("NFKC"), salt);
-		return `${salt}:${encodeHex(key)}`;
+		return `s2:${salt}:${encodeHex(key)}`;
 	}
 	async verify(hash: string, password: string): Promise<boolean> {
 		const parts = hash.split(":");