
first draft of signup

tags/0.0.1^2
diaseu 3 vuotta sitten
vanhempi
commit
3799d1c432
1 muutettua tiedostoa jossa 47 lisäystä ja 6 poistoa
  1. 47
    6
      backend/lib/services/user.js

+ 47
- 6
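--- a/backend/lib/services/user.js
+++ b/backend/lib/services/user.js
@@ -1,5 +1,5 @@
 'use strict'
-
+require('dotenv').config()
 const Util = require('util')
 const Jwt = require('@hapi/jwt')
 const Schmervice = require('@hapipal/schmervice')
@@ -62,15 +62,55 @@ module.exports = class UserService extends Schmervice.Service {
             'user_email',
             userInfo.user_email,
         )
-
         if (matchingEmails.length > 0) {
             throw `User ${userInfo.user_email} already exists: Cannot create a user without a unique email`
         }
-        const user = await User.query(txn).insert(userInfo)
-        user.user_id = user.id
-        delete user.id
+        
+        // Library: Secure-Password
+        const pepper = process.env.PEPPER
+        // add pepper to pw
+        const steak = password.trim() + pepper
+        console.log(steak)
+
+        const { Auth } = this.server.models()
+        // send peppered pw to (argon algorithm) library for salted hash
+        pwd.hash(steak, function (err, hash) {
+            if (err) throw err
+
+            // Save hash somewhere
+            pwd.verify(steak, hash, function (err, result) {
+                if (err) throw err
+                
+                switch (result) {
+                case securePassword.INVALID_UNRECOGNIZED_HASH:
+                    return console.error('This hash was not made with secure-password. Attempt legacy algorithm')
+                case securePassword.INVALID:
+                    return console.log('Invalid password')
+                case securePassword.VALID:
+                    return console.log('Authenticated')
+                case securePassword.VALID_NEEDS_REHASH:
+                    console.log('Yay you made it, wait for us to improve your safety')
+
+                    pwd.hash(userPassword, function (err, improvedHash) {
+                    if (err) console.error('You are authenticated, but we could not improve your safety this time around')
+
+                    // Save improvedHash somewhere
+                    // insert hash and salt into authentication table (with user, see 73)
+                    const saveHash = Auth.insert({ user_email: matchingEmails})
+                        .into('token')
+         
+                    return saveHash
+                    })
+                    break
+                }
+            })
+            })
+        
+        // const user = await User.query(txn).insert(userInfo)
+        // user.user_id = user.id
+        // delete user.id
         // await this.changePassword(id, password, txn)
-        return user
+        // return user
     }
 
     /**
@@ -157,6 +197,7 @@ module.exports = class UserService extends Schmervice.Service {
     async changePassword(id, password, txn) {
         const { User } = this.server.models()
         return 'done'
+        // rework with Auth model
 
         // await User.query(txn)
         //     .throwIfNotFound()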
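Review bot: `console.log(steak)` on new line 73 writes the trimmed plaintext password concatenated with the pepper to the process log, so anyone with log access obtains both secrets; the line should be dropped. Nothing checks that `process.env.PEPPER` is set, and a missing variable would silently append the string `undefined` to every password. The `throw err` statements sit inside the `pwd.hash`/`pwd.verify` callbacks, so they cannot reject the async method, which returns before hashing finishes; the rehash branch also hashes `userPassword`, which is not defined in the hunk, and the `Auth.insert` call never receives the hash. `pwd` and `securePassword` are not declared in any visible hunk, and the method starts above the hunk, so confirm they are required elsewhere in the file. The fence sketches an awaited flow that fails closed on a missing pepper and leaves verification to the login path.

```javascript
        const pepper = process.env.PEPPER
        if (!pepper) {
            // fail closed: never hash with a missing pepper
            throw new Error('PEPPER is not configured')
        }
        // never log this value
        const steak = password.trim() + pepper

        // … unchanged: const { Auth } = this.server.models() …
        // secure-password is expected to take Buffers; confirm against the installed version
        const hash = await Util.promisify(pwd.hash.bind(pwd))(Buffer.from(steak))
        // persist `hash` together with the new user inside `txn`; pwd.verify belongs in login
```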
