diff options
author | Claudius | 2019-05-13 11:51:05 +0200 |
---|---|---|
committer | Claudius | 2019-05-13 19:37:21 +0200 |
commit | 1d403e183d50001bf0f20113d15994007b14696b (patch) | |
tree | 8942eb0c2dd344691bf3d2eaf6a524bbd3095707 /lib/models | |
parent | df666dd2140c8955765972230260d6e4bd5de42a (diff) |
asyncified setting and verifying the password
Signed-off-by: Claudius <opensource@amenthes.de>
Diffstat (limited to '')
-rw-r--r-- | lib/models/user.js | 16 |
1 files changed, 7 insertions, 9 deletions
diff --git a/lib/models/user.js b/lib/models/user.js index bcf3c094..8da12b83 100644 --- a/lib/models/user.js +++ b/lib/models/user.js @@ -1,7 +1,7 @@ 'use strict' // external modules var Sequelize = require('sequelize') -var scrypt = require('@mlink/scrypt') +var scrypt = require('scrypt-kdf') // core var logger = require('../logger') @@ -46,11 +46,7 @@ module.exports = function (sequelize, DataTypes) { }, { instanceMethods: { verifyPassword: function (attempt) { - if (scrypt.verifyKdfSync(Buffer.from(this.password, 'hex'), attempt)) { - return this - } else { - return false - } + return scrypt.verify(Buffer.from(this.password, 'hex'), attempt) } }, classMethods: { @@ -153,9 +149,11 @@ module.exports = function (sequelize, DataTypes) { // suggested way to hash passwords to be able to do this asynchronously: // @see https://github.com/sequelize/sequelize/issues/1821#issuecomment-44265819 if (!user.changed('password')) { return done() } - const hash = scrypt.kdfSync(user.get('password'), scrypt.paramsSync(0.1)).toString('hex') - user.setDataValue('password', hash) - done() + + scrypt.kdf(user.getDataValue('password'), { logN: 15 }).then(keyBuf => { + user.setDataValue('password', keyBuf.toString('hex')) + done() + }) } User.beforeCreate(updatePasswordHashHook) |