fyindr
/
siimee
Следить 4
В избранное 3
Форкнуть 1
Код Pull Request'ы 1 Релизы 4 Вики Активность
Просмотр исходного кода

broken newAuth

tags/0.0.1^2
diaseu 3 лет назад
Родитель
bc335aa39a
Сommit
fea8e923a2
1 измененных файлов: 48 добавлений и 40 удалений
Разделённый вид Показать статистику Diff
  1. 48
    40
      backend/lib/services/user.js

+ 48
- 40
backend/lib/services/user.js Просмотреть файл 

@@ -5,6 +5,36 @@ const Jwt = require('@hapi/jwt')
5 5 
 const Schmervice = require('@hapipal/schmervice')
6 6 
 const SecurePassword = require('secure-password')
7 7
8 
+const hasher = async (pwd, steak) => {
9 
+    const hash = await pwd.hash(steak)
10 
+    const result = await pwd.verify(steak, hash)
11 
+    let squirtle = null
12 
+
13 
+    switch (result) {
14 
+        case SecurePassword.INVALID_UNRECOGNIZED_HASH:
15 
+            return console.error(
16 
+                'This hash was not made with secure-password. Attempt legacy algorithm',
17 
+            )
18 
+        case SecurePassword.INVALID:
19 
+            return console.log('Invalid password')
20 
+        case SecurePassword.VALID:
21 
+            return result
22 
+        case SecurePassword.VALID_NEEDS_REHASH:
23 
+            console.log('Yay you made it, wait for us to improve your safety')
24 
+            try {
25 
+                squirtle = await pwd.hash(steak)
26 
+                // console.log('improvedHash', squirtle)
27 
+                // const saveHash = Auth.insert({user_email: matchingEmails}, ).into('token')
28 
+                return squirtle
29 
+            } catch (err) {
30 
+                console.error(
31 
+                    'You are authenticated, but we could not improve your safety this time around',
32 
+                )
33 
+            }
34 
+            break
35 
+    }
36 
+}
37 
+
8 38 
 /** Class for methods used in the User plugin */
9 39 
 module.exports = class UserService extends Schmervice.Service {
10 40 
     /**
 
@@ -57,7 +87,7 @@ module.exports = class UserService extends Schmervice.Service {
57 87 
      * @returns
58 88 
      */
59 89 
     async signup({ password, userInfo }, txn) {
60 
-        const { User } = this.server.models()
90 
+        const { User, Auth } = this.server.models()
61 91 
         const matchingEmails = await User.query().where(
62 92 
             'user_email',
63 93 
             userInfo.user_email,
 
@@ -65,47 +95,25 @@ module.exports = class UserService extends Schmervice.Service {
65 95 
         if (matchingEmails.length > 0) {
66 96 
             throw `User ${userInfo.user_email} already exists: Cannot create a user without a unique email`
67 97 
         }
68 
-
98 
+
69 99 
         // Library: Secure-Password
70 100 
         const pepper = process.env.PEPPER
71 
-        // add pepper to pw
72 
-        const steak = password.trim() + pepper
73 
-        console.log(steak)
74 101
75 
-        const { Auth } = this.server.models()
102 
+        // add pepper to pw and convert to buffer to prep for hash bytes
103 
+        const steak = Buffer.from(password + pepper, 'utf-8')
104 
+
76 105 
         // send peppered pw to (argon algorithm) library for salted hash
77 
-        pwd.hash(steak, function (err, hash) {
78 
-            if (err) throw err
79 
-
80 
-            // Save hash somewhere
81 
-            pwd.verify(steak, hash, function (err, result) {
82 
-                if (err) throw err
83 
-
84 
-                switch (result) {
85 
-                case securePassword.INVALID_UNRECOGNIZED_HASH:
86 
-                    return console.error('This hash was not made with secure-password. Attempt legacy algorithm')
87 
-                case securePassword.INVALID:
88 
-                    return console.log('Invalid password')
89 
-                case securePassword.VALID:
90 
-                    return console.log('Authenticated')
91 
-                case securePassword.VALID_NEEDS_REHASH:
92 
-                    console.log('Yay you made it, wait for us to improve your safety')
93 
-
94 
-                    pwd.hash(userPassword, function (err, improvedHash) {
95 
-                    if (err) console.error('You are authenticated, but we could not improve your safety this time around')
96 
-
97 
-                    // Save improvedHash somewhere
98 
-                    // insert hash and salt into authentication table (with user, see 73)
99 
-                    const saveHash = Auth.insert({ user_email: matchingEmails})
100 
-                        .into('token')
101 
-
102 
-                    return saveHash
103 
-                    })
104 
-                    break
105 
-                }
106 
-            })
107 
-            })
108 
-
106 
+        const hashed = await hasher(this.pwd, steak)
107 
+        console.log("hashed", hashed)
108 
+
109 
+        const newAuth = await Auth.query(txn).insert({
110 
+            user_email: userInfo.user_email,
111 
+            created_at: new Date.now(),
112 
+            token: hashed,
113 
+        })
114 
+        console.log("newAuth", newAuth)
115 
+        // return newAuth
116 
+
109 117 
         // const user = await User.query(txn).insert(userInfo)
110 118 
         // user.user_id = user.id
111 119 
         // delete user.id
 
@@ -210,11 +218,11 @@ module.exports = class UserService extends Schmervice.Service {
210 218
211 219 
     async getPassword(email, txn) {
212 220 
         const { Auth } = this.server.models()
213 
-
221 
+
214 222 
         const passwordRow = await Auth.query(txn)
215 223 
             .where('user_email', email)
216 224 
             .first()
217 
-
225 
+
218 226 
         return passwordRow ? passwordRow.token : null
219 227 
     }
220 228 
 }

Редактирование Предпросмотр
Загрузка…
Отмена
Сохранить