write to v1/v2 on register, password change and reset

GitOrigin-RevId: 29045912319d1d387613ec55c6620852d8857614
Ersun Warncke 2019-05-30 11:15:15 -04:00 committed by sharelatex
parent d6651183b5
commit 8cc9bc5335
2 changed files with 33 additions and 61 deletions


@ -30,6 +30,8 @@ const BCRYPT_ROUNDS =
Settings != null ? Settings.security : undefined, Settings != null ? Settings.security : undefined,
x => x.bcryptRounds x => x.bcryptRounds
) || 12 ) || 12
const BCRYPT_MINOR_VERSION =
(Settings != null ? Settings.security.bcryptMinorVersion : undefined) || 'a'
const _checkWriteResult = function(result, callback) { const _checkWriteResult = function(result, callback) {
// for MongoDB // for MongoDB
@ -211,17 +213,24 @@ module.exports = AuthenticationManager = {
} }
}, },
hashPassword(password, callback) {
return bcrypt.genSalt(BCRYPT_ROUNDS, BCRYPT_MINOR_VERSION, function(
error,
salt
) {
if (error != null) {
return callback(error)
}
return bcrypt.hash(password, salt, callback)
})
},
setUserPasswordInV2(user_id, password, callback) { setUserPasswordInV2(user_id, password, callback) {
const validation = this.validatePassword(password) const validation = this.validatePassword(password)
if (validation != null) { if (validation != null) {
return callback(validation.message) return callback(validation.message)
} }
const minorVersion = 'a' return this.hashPassword(password, function(error, hash) {
return bcrypt.genSalt(BCRYPT_ROUNDS, minorVersion, function(error, salt) {
if (error != null) {
return callback(error)
}
return bcrypt.hash(password, salt, function(error, hash) {
if (error != null) { if (error != null) {
return callback(error) return callback(error)
} }
@ -245,7 +254,6 @@ module.exports = AuthenticationManager = {
} }
) )
}) })
})
}, },
setUserPasswordInV1(v1_user_id, password, callback) { setUserPasswordInV1(v1_user_id, password, callback) {
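Review bot: The new `BCRYPT_MINOR_VERSION` constant reads `Settings.security.bcryptMinorVersion` after checking only `Settings`, so a settings object without a `security` key would throw when the module loads; `BCRYPT_ROUNDS` just above appears to pass `Settings.security` through a null-guarding helper instead. Guarding both levels keeps the two consistent: `(Settings != null && Settings.security != null ? Settings.security.bcryptMinorVersion : undefined) || 'a'`. The configured value also reaches `bcrypt.genSalt` unchecked, so a typo would surface as an error on every registration and password change; checking it against `'a'`/`'b'` once at load would fail early instead. The new `hashPassword` does not call `validatePassword` as `setUserPasswordInV2` does, so I would add a comment on it such as `// callers must run validatePassword first; this only salts and hashes`.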


@ -290,7 +290,7 @@ describe('PasswordResetHandler', function() {
}) })
}) })
describe('when the data is a new style user_id', function() { return describe('when the data is a new style user_id', function() {
beforeEach(function() { beforeEach(function() {
this.AuthenticationManager.setUserPassword.yields( this.AuthenticationManager.setUserPassword.yields(
null, null,
@ -319,41 +319,5 @@ describe('PasswordResetHandler', function() {
.should.equal(true) .should.equal(true)
}) })
}) })
return describe('when the data is v1 id', function() {
beforeEach(function() {
this.v1_user_id = 2345
this.AuthenticationManager.setUserPasswordInV1.yields(null, true)
this.UserGetter.getUser
.withArgs({ 'overleaf.id': this.v1_user_id })
.yields(null, { _id: this.user_id })
this.OneTimeTokenHandler.getValueFromTokenAndExpire.yields(null, {
v1_user_id: this.v1_user_id
})
return this.PasswordResetHandler.setNewUserPassword(
this.token,
this.password,
this.callback
)
})
it('should call setUserPasswordInV1', function() {
return this.AuthenticationManager.setUserPasswordInV1
.calledWith(this.v1_user_id, this.password)
.should.equal(true)
})
it('should look up the user by v1 id for the v2 user id', function() {
return this.UserGetter.getUser
.calledWith({ 'overleaf.id': this.v1_user_id })
.should.equal(true)
})
return it('should reset == true and the user_id', function() {
return this.callback
.calledWith(null, true, this.user_id)
.should.equal(true)
})
})
}) })
}) })