getting password hashing into a hook where it could be async

Signed-off-by: Claudius <opensource@amenthes.de>

1 files changed, 14 insertions, 6 deletions

diff --git a/lib/models/user.js b/lib/models/user.js
index 648db73e..bcf3c094 100644
--- a/lib/models/user.js
+++ b/lib/models/user.js
@@ -5,7 +5,7 @@ var scrypt = require('@mlink/scrypt')
 
 // core
 var logger = require('../logger')
-var {generateAvatarURL} = require('../letter-avatars')
+var { generateAvatarURL } = require('../letter-avatars')
 
 module.exports = function (sequelize, DataTypes) {
   var User = sequelize.define('User', {
@@ -41,11 +41,7 @@ module.exports = function (sequelize, DataTypes) {
       }
     },
     password: {
-      type: Sequelize.TEXT,
-      set: function (value) {
-        var hash = scrypt.kdfSync(value, scrypt.paramsSync(0.1)).toString('hex')
-        this.setDataValue('password', hash)
-      }
+      type: Sequelize.TEXT
     }
   }, {
     instanceMethods: {
@@ -153,5 +149,17 @@ module.exports = function (sequelize, DataTypes) {
     }
   })
 
+  function updatePasswordHashHook (user, options, done) {
+    // suggested way to hash passwords to be able to do this asynchronously:
+    // @see https://github.com/sequelize/sequelize/issues/1821#issuecomment-44265819
+    if (!user.changed('password')) { return done() }
+    const hash = scrypt.kdfSync(user.get('password'), scrypt.paramsSync(0.1)).toString('hex')
+    user.setDataValue('password', hash)
+    done()
+  }
+
+  User.beforeCreate(updatePasswordHashHook)
+  User.beforeUpdate(updatePasswordHashHook)
+
   return User
 }