github/hedgedoc
1
0
Fork 0
mirror of https://github.com/hedgedoc/hedgedoc.git synced 2024-10-19 13:50:15 -04:00
Code Issues Projects Releases Packages Wiki Activity

auth: add hash function

Browse source 
the hash function uses bcrypt with 2^16 iterations.

Signed-off-by: Philip Molares <philip.molares@udo.edu>
This commit is contained in:
Philip Molares 2021-01-17 14:32:17 +01:00
parent 025f24122c
commit 15ca030b67
3 changed files with 44 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
package.json
View file

@ -27,15 +27,21 @@
"@nestjs/common": "7.6.5",
"@nestjs/config": "0.6.2",
"@nestjs/core": "7.6.5",
"@nestjs/passport": "^7.1.5",
"@nestjs/platform-express": "7.6.5",
"@nestjs/swagger": "4.7.12",
"@nestjs/typeorm": "7.1.5",
"@types/bcrypt": "^3.0.0",
"@types/passport-http-bearer": "^1.0.36",
"bcrypt": "^5.0.0",
"class-transformer": "0.3.2",
"class-validator": "0.13.1",
"cli-color": "2.0.0",
"connect-typeorm": "1.1.4",
"file-type": "16.2.0",
"joi": "17.3.0",
"passport": "^0.4.1",
"passport-http-bearer": "^1.0.1",
"raw-body": "2.4.1",
"reflect-metadata": "0.1.13",
"rimraf": "3.0.2",

6
src/users/users.service.ts
View file

@ -12,6 +12,7 @@ import { ConsoleLoggerService } from '../logger/console-logger.service';
import { UserInfoDto } from './user-info.dto';
import { User } from './user.entity';
import { AuthToken } from './auth-token.entity';
import { hash } from 'bcrypt'
import crypt from 'crypto';
import { AuthTokenDto } from './auth-token.dto';
import { AuthTokenWithSecretDto } from './auth-token-with-secret.dto';
@ -71,6 +72,11 @@ export class UsersService {
return user;
}
async hashPassword(password: string): Promise<string> {
// hash the password with bcrypt and 2^16 iterations
return hash(password, 16)
}
async getUserByAuthToken(token: string): Promise<User> {
const accessToken = await this.authTokenRepository.findOne({
where: { accessToken: token },

35
yarn.lock
View file

@ -776,6 +776,11 @@
dependencies:
"@babel/types" "^7.3.0"
"@types/bcrypt@^3.0.0":
version "3.0.0"
resolved "https://registry.yarnpkg.com/@types/bcrypt/-/bcrypt-3.0.0.tgz#851489a9065a067cb7f3c9cbe4ce9bed8bba0876"
integrity sha512-nohgNyv+1ViVcubKBh0+XiNJ3dO8nYu///9aJ4cgSqv70gBL+94SNy/iC2NLzKPT2Zt/QavrOkBVbZRLZmw6NQ==
"@types/body-parser@*":
version "1.19.0"
resolved "https://registry.yarnpkg.com/@types/body-parser/-/body-parser-1.19.0.tgz#0685b3c47eb3006ffed117cdd55164b61f80538f"
@ -1627,6 +1632,14 @@ bcrypt-pbkdf@^1.0.0:
dependencies:
tweetnacl "^0.14.3"
bcrypt@^5.0.0:
version "5.0.0"
resolved "https://registry.yarnpkg.com/bcrypt/-/bcrypt-5.0.0.tgz#051407c7cd5ffbfb773d541ca3760ea0754e37e2"
integrity sha512-jB0yCBl4W/kVHM2whjfyqnxTmOHkCX4kHEa5nYKSoGeYe8YrjTYTc87/6bwt1g8cmV0QrbhKriETg9jWtcREhg==
dependencies:
node-addon-api "^3.0.0"
node-pre-gyp "0.15.0"
big.js@^5.2.2:
version "5.2.2"
resolved "https://registry.yarnpkg.com/big.js/-/big.js-5.2.2.tgz#65f0af382f578bcdc742bd9c281e9cb2d7768328"
@ -4738,7 +4751,7 @@ mkdirp@1.x, mkdirp@^1.0.4:
resolved "https://registry.yarnpkg.com/mkdirp/-/mkdirp-1.0.4.tgz#3eb5ed62622756d79a5f0e2a221dfebad75c2f7e"
integrity sha512-vVqVZQyf3WLx2Shd0qJ9xuvqgAyKPLAiqITEtqW0oIUjzo3PePDd6fW9iFz30ef7Ysp/oiWqbhszeGWW2T6Gzw==
"mkdirp@>=0.5 0", mkdirp@^0.5.0, mkdirp@^0.5.1:
"mkdirp@>=0.5 0", mkdirp@^0.5.0, mkdirp@^0.5.1, mkdirp@^0.5.3:
version "0.5.5"
resolved "https://registry.yarnpkg.com/mkdirp/-/mkdirp-0.5.5.tgz#d91cefd62d1436ca0f41620e251288d420099def"
integrity sha512-NKmAlESf6jMGym1++R0Ra7wvhV+wFW63FaSOFPwRahvea0gMUcGUhVeAg/0BC0wiv9ih5NYPB1Wn1UEI1/L+xQ==
@ -4820,7 +4833,7 @@ natural-compare@^1.4.0:
resolved "https://registry.yarnpkg.com/natural-compare/-/natural-compare-1.4.0.tgz#4abebfeed7541f2c27acfb29bdbbd15c8d5ba4f7"
integrity sha1-Sr6/7tdUHywnrPspvbvRXI1bpPc=
needle@^2.2.1:
needle@^2.2.1, needle@^2.5.0:
version "2.6.0"
resolved "https://registry.yarnpkg.com/needle/-/needle-2.6.0.tgz#24dbb55f2509e2324b4a99d61f413982013ccdbe"
integrity sha512-KKYdza4heMsEfSWD7VPUIz3zX2XDwOyX2d+geb4vrERZMT5RMU6ujjaD+I5Yr54uZxQ2w6XRTAhHBbSCyovZBg==
@ -4911,6 +4924,22 @@ node-notifier@^8.0.0:
uuid "^8.3.0"
which "^2.0.2"
node-pre-gyp@0.15.0:
version "0.15.0"
resolved "https://registry.yarnpkg.com/node-pre-gyp/-/node-pre-gyp-0.15.0.tgz#c2fc383276b74c7ffa842925241553e8b40f1087"
integrity sha512-7QcZa8/fpaU/BKenjcaeFF9hLz2+7S9AqyXFhlH/rilsQ/hPZKK32RtR5EQHJElgu+q5RfbJ34KriI79UWaorA==
dependencies:
detect-libc "^1.0.2"
mkdirp "^0.5.3"
needle "^2.5.0"
nopt "^4.0.1"
npm-packlist "^1.1.6"
npmlog "^4.0.2"
rc "^1.2.7"
rimraf "^2.6.1"
semver "^5.3.0"
tar "^4.4.2"
node-pre-gyp@^0.11.0:
version "0.11.0"
resolved "https://registry.yarnpkg.com/node-pre-gyp/-/node-pre-gyp-0.11.0.tgz#db1f33215272f692cd38f03238e3e9b47c5dd054"
@ -6451,7 +6480,7 @@ tar@^2.0.0:
fstream "^1.0.12"
inherits "2"
tar@^4:
tar@^4, tar@^4.4.2:
version "4.4.13"
resolved "https://registry.yarnpkg.com/tar/-/tar-4.4.13.tgz#43b364bc52888d555298637b10d60790254ab525"
integrity sha512-w2VwSrBoHa5BsSyH+KxEqeQBAllHhccyMFVHtGtdMpF4W7IRWfZjFiQceJPChOeTsSDVUpER2T8FA93pr0L+QA==