switching hashing arguments
This commit is contained in:
parent
ea1c805d4e
commit
8ad1832c90
|
@ -13,6 +13,7 @@
|
||||||
},
|
},
|
||||||
"scripts": {
|
"scripts": {
|
||||||
"test": "jest",
|
"test": "jest",
|
||||||
|
"test:watch": "jest --watch",
|
||||||
"build": "rollup -c rollup.config.js"
|
"build": "rollup -c rollup.config.js"
|
||||||
},
|
},
|
||||||
"keywords": [
|
"keywords": [
|
||||||
|
|
|
@ -49,7 +49,7 @@ export const _authenticate = async (app, username, password) => {
|
||||||
|
|
||||||
const permissions = await buildUserPermissions(app, user.accessLevels);
|
const permissions = await buildUserPermissions(app, user.accessLevels);
|
||||||
|
|
||||||
const verified = await app.crypto.verify(
|
const verified = app.crypto.verify(
|
||||||
userAuth.passwordHash,
|
userAuth.passwordHash,
|
||||||
password,
|
password,
|
||||||
);
|
);
|
||||||
|
@ -89,7 +89,7 @@ export const authenticateTemporaryAccess = app => async (tempAccessCode) => {
|
||||||
if (userAuth.temporaryAccessExpiryEpoch < await app.getEpochTime()) { user = notAUser; }
|
if (userAuth.temporaryAccessExpiryEpoch < await app.getEpochTime()) { user = notAUser; }
|
||||||
|
|
||||||
const tempCode = !temp.code ? generate() : temp.code;
|
const tempCode = !temp.code ? generate() : temp.code;
|
||||||
const verified = await app.crypto.verify(
|
const verified = app.crypto.verify(
|
||||||
userAuth.temporaryAccessHash,
|
userAuth.temporaryAccessHash,
|
||||||
tempCode,
|
tempCode,
|
||||||
);
|
);
|
||||||
|
|
|
@ -66,7 +66,7 @@ export const getTemporaryCode = async (app) => {
|
||||||
const tempId = generate();
|
const tempId = generate();
|
||||||
|
|
||||||
return {
|
return {
|
||||||
temporaryAccessHash: await app.crypto.hash(
|
temporaryAccessHash: app.crypto.hash(
|
||||||
tempCode,
|
tempCode,
|
||||||
),
|
),
|
||||||
temporaryAccessExpiryEpoch:
|
temporaryAccessExpiryEpoch:
|
||||||
|
|
|
@ -75,7 +75,7 @@ const getAccess = async (app, password) => {
|
||||||
|
|
||||||
if (isNonEmptyString(password)) {
|
if (isNonEmptyString(password)) {
|
||||||
if (isValidPassword(password)) {
|
if (isValidPassword(password)) {
|
||||||
auth.passwordHash = await app.crypto.hash(password);
|
auth.passwordHash = app.crypto.hash(password);
|
||||||
auth.temporaryAccessHash = '';
|
auth.temporaryAccessHash = '';
|
||||||
auth.temporaryAccessId = '';
|
auth.temporaryAccessId = '';
|
||||||
auth.temporaryAccessExpiryEpoch = 0;
|
auth.temporaryAccessExpiryEpoch = 0;
|
||||||
|
|
|
@ -30,7 +30,7 @@ export const _changeMyPassword = async (app, currentPw, newpassword) => {
|
||||||
);
|
);
|
||||||
|
|
||||||
if (isSomething(existingAuth.passwordHash)) {
|
if (isSomething(existingAuth.passwordHash)) {
|
||||||
const verified = await app.crypto.verify(
|
const verified = app.crypto.verify(
|
||||||
existingAuth.passwordHash,
|
existingAuth.passwordHash,
|
||||||
currentPw,
|
currentPw,
|
||||||
);
|
);
|
||||||
|
@ -73,7 +73,7 @@ export const _setPasswordFromTemporaryCode = async (app, tempCode, newpassword)
|
||||||
|
|
||||||
if (isSomething(existingAuth.temporaryAccessHash)
|
if (isSomething(existingAuth.temporaryAccessHash)
|
||||||
&& existingAuth.temporaryAccessExpiryEpoch > currentTime) {
|
&& existingAuth.temporaryAccessExpiryEpoch > currentTime) {
|
||||||
const verified = await app.crypto.verify(
|
const verified = app.crypto.verify(
|
||||||
existingAuth.temporaryAccessHash,
|
existingAuth.temporaryAccessHash,
|
||||||
temp.code,
|
temp.code,
|
||||||
);
|
);
|
||||||
|
@ -93,7 +93,7 @@ export const _setPasswordFromTemporaryCode = async (app, tempCode, newpassword)
|
||||||
const doSet = async (app, auth, username, newpassword) => {
|
const doSet = async (app, auth, username, newpassword) => {
|
||||||
auth.temporaryAccessHash = '';
|
auth.temporaryAccessHash = '';
|
||||||
auth.temporaryAccessExpiryEpoch = 0;
|
auth.temporaryAccessExpiryEpoch = 0;
|
||||||
auth.passwordHash = await app.crypto.hash(
|
auth.passwordHash = app.crypto.hash(
|
||||||
newpassword,
|
newpassword,
|
||||||
);
|
);
|
||||||
await app.datastore.updateJson(
|
await app.datastore.updateJson(
|
||||||
|
|
|
@ -4,7 +4,7 @@ function hash(password) {
|
||||||
return bcrypt.hashSync(password, 10);
|
return bcrypt.hashSync(password, 10);
|
||||||
}
|
}
|
||||||
|
|
||||||
function verify(password, hash) {
|
function verify(hash, password) {
|
||||||
return bcrypt.compareSync(password, hash);
|
return bcrypt.compareSync(password, hash);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -7,7 +7,7 @@ import {permission} from "../src/authApi/permissions";
|
||||||
|
|
||||||
describe("authApi > authenticate", () => {
|
describe("authApi > authenticate", () => {
|
||||||
|
|
||||||
it("should return user + access when correct password supplied", async () => {
|
fit("should return user + access when correct password supplied", async () => {
|
||||||
const {authApi, app} = await setupApphierarchy(basicAppHierarchyCreator_WithFields);
|
const {authApi, app} = await setupApphierarchy(basicAppHierarchyCreator_WithFields);
|
||||||
const u = await validUser(app, authApi, "password");
|
const u = await validUser(app, authApi, "password");
|
||||||
const result = await authApi.authenticate(u.name, "password");
|
const result = await authApi.authenticate(u.name, "password");
|
||||||
|
|
|
@ -6,7 +6,9 @@ import {setupDatastore} from "../src/appInitialise";
|
||||||
import {configFolder, fieldDefinitions,
|
import {configFolder, fieldDefinitions,
|
||||||
templateDefinitions,
|
templateDefinitions,
|
||||||
joinKey,
|
joinKey,
|
||||||
isSomething} from "../src/common";
|
isSomething,
|
||||||
|
crypto as nodeCrypto
|
||||||
|
} from "../src/common";
|
||||||
import { getNewIndexTemplate } from "../src/templateApi/createNodes";
|
import { getNewIndexTemplate } from "../src/templateApi/createNodes";
|
||||||
import {indexTypes} from "../src/templateApi/indexes";
|
import {indexTypes} from "../src/templateApi/indexes";
|
||||||
import getTemplateApi from "../src/templateApi";
|
import getTemplateApi from "../src/templateApi";
|
||||||
|
@ -17,7 +19,6 @@ import {createBehaviourSources} from "../src/actionsApi/buildBehaviourSource";
|
||||||
import {createAction, createTrigger} from "../src/templateApi/createActions";
|
import {createAction, createTrigger} from "../src/templateApi/createActions";
|
||||||
import {initialiseActions} from "../src/actionsApi/initialise";
|
import {initialiseActions} from "../src/actionsApi/initialise";
|
||||||
import {cleanup} from "../src/transactions/cleanup";
|
import {cleanup} from "../src/transactions/cleanup";
|
||||||
import { crypto as nodeCrypto } from "@budibase/core";
|
|
||||||
import {permission} from "../src/authApi/permissions";
|
import {permission} from "../src/authApi/permissions";
|
||||||
import {generateFullPermissions} from "../src/authApi/generateFullPermissions"
|
import {generateFullPermissions} from "../src/authApi/generateFullPermissions"
|
||||||
import {initialiseData} from "../src/appInitialise/initialiseData";
|
import {initialiseData} from "../src/appInitialise/initialiseData";
|
||||||
|
|
Loading…
Reference in New Issue