authorTom Smeding <tom.smeding@gmail.com>2019-11-20 15:01:33 +0100
committerTom Smeding <tom.smeding@gmail.com>2019-11-20 15:01:59 +0100
commitc77d725864de5908bc0ad9ce98ec8be29311838a (patch)
tree02faf116578d0d92d1ff8c4c2684330180a34634 /modules
parented6252563d642978af10cd363de5113e0006f19f (diff)
Bcrypt -> Scrypt
The bcrypt module doesn't support the newest Node, so let's use the built-in routines!
Diffstat (limited to 'modules')
-rw-r--r--modules/todo/todo.js35
1 files changed, 30 insertions, 5 deletions
diff --git a/modules/todo/todo.js b/modules/todo/todo.js
index 8fabc63..7f45263 100644
--- a/modules/todo/todo.js
+++ b/modules/todo/todo.js
@@ -2,12 +2,10 @@
var cmn=require("../$common.js"),
persist=require("node-persist"),
- bcrypt=require("bcrypt"),
+ crypto=require("crypto"),
basicAuth=require("basic-auth"),
fs=require("fs");
-var bcryptHashRounds=10;
-
var moddir=null;
persist=persist.create({
@@ -63,6 +61,33 @@ function shiftDate(date,repweeks){
return new Date(Y,M,D+7*repweeks,h,m,s,ms);
}
+function scryptHash(password,cb){
+ crypto.randomBytes(16,function(err,salt){
+ if(err){
+ cb(err,null);
+ return;
+ }
+ crypto.scrypt(password,salt,32,function(err,key){
+ if(err)cb(err,null);
+ else cb(null,salt.toString("hex")+"$"+key.toString("hex"));
+ });
+ });
+}
+
+function scryptCompare(password,hash,cb){
+ hash=hash.split("$");
+ if(hash.length!=2){
+ cb(new Error("Invalid hash in database"),null);
+ return;
+ }
+ var salt=Buffer.from(hash[0],"hex"),shash=hash[1];
+ crypto.scrypt(password,salt,32,function(err,key){
+ if(err)cb(err,null);
+ else if(key.toString("hex")==shash)cb(null,true);
+ else cb(null,false);
+ });
+}
+
function sendUnauth(res){
res.set("WWW-Authenticate","Basic realm=Authorization required");
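Review bot: In scryptCompare the derived key is checked with `key.toString("hex")==shash`, an ordinary string comparison that stops at the first differing character instead of running in constant time. Decoding the stored half and comparing buffers avoids that: `var expected=Buffer.from(hash[1],"hex");` and `else cb(null,expected.length===key.length&&crypto.timingSafeEqual(key,expected));`, where the length check is needed because timingSafeEqual throws on buffers of unequal length. The `salt$key` format also records neither the scrypt cost parameters nor the key length, so both functions are tied to Node's defaults and the hard-coded 32. Storing those values next to the salt would let the cost be raised later without invalidating existing records. A one-line comment above scryptHash naming the stored format, such as `// stored as hex(salt) + "$" + hex(32-byte scrypt key)`, would help whoever next touches the accounts store.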
@@ -82,7 +107,7 @@ function authMiddleware(req,res,next){
}
req.authuser=user.name;
if(accounts[req.authuser]){
- bcrypt.compare(user.pass,accounts[req.authuser],function(err,ok){
+ scryptCompare(user.pass,accounts[req.authuser],function(err,ok){
if(ok)next();
else sendUnauth(res);
});
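Review bot: The callback passed to scryptCompare ignores `err`, so a stored value that is not in the new `salt$key` form gets a plain 401 and nothing is logged. Hashes written by the old `bcrypt.hash` call are presumably still in the accounts store and contain more than one `$`, so scryptCompare returns "Invalid hash in database" for them and those accounts can no longer authenticate after this change. Adding `if(err)console.log(err);` before the `if(ok)` line would make the failure visible, and the old records appear to need a migration or password-reset path. authMiddleware begins and ends outside this hunk.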
@@ -130,7 +155,7 @@ module.exports=function(app,io,_moddir){
res.status(500).send("Too many accounts created, please contact Tom...");
return;
}
- bcrypt.hash(user.pass,bcryptHashRounds,function(err,hash){
+ scryptHash(user.pass,function(err,hash){
if(!hash){
res.status(500).send("Something went wrong...");
console.log(err);