From 8ad1832c90e1cb74865b8508424dc6319c7654d4 Mon Sep 17 00:00:00 2001 From: Martin McKeaveney Date: Thu, 23 Jan 2020 11:25:48 +0000 Subject: [PATCH] switching hashing arguments --- packages/core/package.json | 1 + packages/core/src/authApi/authenticate.js | 4 ++-- packages/core/src/authApi/createTemporaryAccess.js | 2 +- packages/core/src/authApi/createUser.js | 2 +- packages/core/src/authApi/setPassword.js | 6 +++--- packages/core/src/common/nodeCrypto.js | 2 +- packages/core/test/authApi.authenticate.spec.js | 2 +- packages/core/test/specHelpers.js | 5 +++-- 8 files changed, 13 insertions(+), 11 deletions(-) diff --git a/packages/core/package.json b/packages/core/package.json index b6e8b26bc4..e4ecfd1ba6 100644 --- a/packages/core/package.json +++ b/packages/core/package.json @@ -13,6 +13,7 @@ }, "scripts": { "test": "jest", + "test:watch": "jest --watch", "build": "rollup -c rollup.config.js" }, "keywords": [ diff --git a/packages/core/src/authApi/authenticate.js b/packages/core/src/authApi/authenticate.js index 3d1bf05a67..54235e897e 100644 --- a/packages/core/src/authApi/authenticate.js +++ b/packages/core/src/authApi/authenticate.js @@ -49,7 +49,7 @@ export const _authenticate = async (app, username, password) => { const permissions = await buildUserPermissions(app, user.accessLevels); - const verified = await app.crypto.verify( + const verified = app.crypto.verify( userAuth.passwordHash, password, ); @@ -89,7 +89,7 @@ export const authenticateTemporaryAccess = app => async (tempAccessCode) => { if (userAuth.temporaryAccessExpiryEpoch < await app.getEpochTime()) { user = notAUser; } const tempCode = !temp.code ? generate() : temp.code; - const verified = await app.crypto.verify( + const verified = app.crypto.verify( userAuth.temporaryAccessHash, tempCode, ); diff --git a/packages/core/src/authApi/createTemporaryAccess.js b/packages/core/src/authApi/createTemporaryAccess.js index d35293f064..6624239939 100644 --- a/packages/core/src/authApi/createTemporaryAccess.js +++ b/packages/core/src/authApi/createTemporaryAccess.js @@ -66,7 +66,7 @@ export const getTemporaryCode = async (app) => { const tempId = generate(); return { - temporaryAccessHash: await app.crypto.hash( + temporaryAccessHash: app.crypto.hash( tempCode, ), temporaryAccessExpiryEpoch: diff --git a/packages/core/src/authApi/createUser.js b/packages/core/src/authApi/createUser.js index 6c42e9e2e0..0f76615108 100644 --- a/packages/core/src/authApi/createUser.js +++ b/packages/core/src/authApi/createUser.js @@ -75,7 +75,7 @@ const getAccess = async (app, password) => { if (isNonEmptyString(password)) { if (isValidPassword(password)) { - auth.passwordHash = await app.crypto.hash(password); + auth.passwordHash = app.crypto.hash(password); auth.temporaryAccessHash = ''; auth.temporaryAccessId = ''; auth.temporaryAccessExpiryEpoch = 0; diff --git a/packages/core/src/authApi/setPassword.js b/packages/core/src/authApi/setPassword.js index fc6a6e4b9a..3172364399 100644 --- a/packages/core/src/authApi/setPassword.js +++ b/packages/core/src/authApi/setPassword.js @@ -30,7 +30,7 @@ export const _changeMyPassword = async (app, currentPw, newpassword) => { ); if (isSomething(existingAuth.passwordHash)) { - const verified = await app.crypto.verify( + const verified = app.crypto.verify( existingAuth.passwordHash, currentPw, ); @@ -73,7 +73,7 @@ export const _setPasswordFromTemporaryCode = async (app, tempCode, newpassword) if (isSomething(existingAuth.temporaryAccessHash) && existingAuth.temporaryAccessExpiryEpoch > currentTime) { - const verified = await app.crypto.verify( + const verified = app.crypto.verify( existingAuth.temporaryAccessHash, temp.code, ); @@ -93,7 +93,7 @@ export const _setPasswordFromTemporaryCode = async (app, tempCode, newpassword) const doSet = async (app, auth, username, newpassword) => { auth.temporaryAccessHash = ''; auth.temporaryAccessExpiryEpoch = 0; - auth.passwordHash = await app.crypto.hash( + auth.passwordHash = app.crypto.hash( newpassword, ); await app.datastore.updateJson( diff --git a/packages/core/src/common/nodeCrypto.js b/packages/core/src/common/nodeCrypto.js index 3634117b88..9c16ea2358 100644 --- a/packages/core/src/common/nodeCrypto.js +++ b/packages/core/src/common/nodeCrypto.js @@ -4,7 +4,7 @@ function hash(password) { return bcrypt.hashSync(password, 10); } -function verify(password, hash) { +function verify(hash, password) { return bcrypt.compareSync(password, hash); } diff --git a/packages/core/test/authApi.authenticate.spec.js b/packages/core/test/authApi.authenticate.spec.js index 63af954553..df1ad16f45 100644 --- a/packages/core/test/authApi.authenticate.spec.js +++ b/packages/core/test/authApi.authenticate.spec.js @@ -7,7 +7,7 @@ import {permission} from "../src/authApi/permissions"; describe("authApi > authenticate", () => { - it("should return user + access when correct password supplied", async () => { + fit("should return user + access when correct password supplied", async () => { const {authApi, app} = await setupApphierarchy(basicAppHierarchyCreator_WithFields); const u = await validUser(app, authApi, "password"); const result = await authApi.authenticate(u.name, "password"); diff --git a/packages/core/test/specHelpers.js b/packages/core/test/specHelpers.js index e1d823fb14..02e3bfa3a7 100644 --- a/packages/core/test/specHelpers.js +++ b/packages/core/test/specHelpers.js @@ -6,7 +6,9 @@ import {setupDatastore} from "../src/appInitialise"; import {configFolder, fieldDefinitions, templateDefinitions, joinKey, - isSomething} from "../src/common"; + isSomething, + crypto as nodeCrypto +} from "../src/common"; import { getNewIndexTemplate } from "../src/templateApi/createNodes"; import {indexTypes} from "../src/templateApi/indexes"; import getTemplateApi from "../src/templateApi"; @@ -17,7 +19,6 @@ import {createBehaviourSources} from "../src/actionsApi/buildBehaviourSource"; import {createAction, createTrigger} from "../src/templateApi/createActions"; import {initialiseActions} from "../src/actionsApi/initialise"; import {cleanup} from "../src/transactions/cleanup"; -import { crypto as nodeCrypto } from "@budibase/core"; import {permission} from "../src/authApi/permissions"; import {generateFullPermissions} from "../src/authApi/generateFullPermissions" import {initialiseData} from "../src/appInitialise/initialiseData";