summaryrefslogtreecommitdiff
path: root/lib/models
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--lib/models/user.js43
1 files changed, 29 insertions, 14 deletions
diff --git a/lib/models/user.js b/lib/models/user.js
index 648db73e..76e20a32 100644
--- a/lib/models/user.js
+++ b/lib/models/user.js
@@ -1,11 +1,20 @@
'use strict'
// external modules
-var Sequelize = require('sequelize')
-var scrypt = require('@mlink/scrypt')
+const Sequelize = require('sequelize')
+const crypto = require('crypto')
+if (!crypto.scrypt) {
+ // polyfill for node.js 8.0, see https://github.com/chrisveness/scrypt-kdf#openssl-implementation
+ const scryptAsync = require('scrypt-async')
+ crypto.scrypt = function (password, salt, keylen, options, callback) {
+ const opt = Object.assign({}, options, { dkLen: keylen })
+ scryptAsync(password, salt, opt, (derivedKey) => callback(null, Buffer.from(derivedKey)))
+ }
+}
+const scrypt = require('scrypt-kdf')
// core
-var logger = require('../logger')
-var {generateAvatarURL} = require('../letter-avatars')
+const logger = require('../logger')
+const { generateAvatarURL } = require('../letter-avatars')
module.exports = function (sequelize, DataTypes) {
var User = sequelize.define('User', {
@@ -41,20 +50,12 @@ module.exports = function (sequelize, DataTypes) {
}
},
password: {
- type: Sequelize.TEXT,
- set: function (value) {
- var hash = scrypt.kdfSync(value, scrypt.paramsSync(0.1)).toString('hex')
- this.setDataValue('password', hash)
- }
+ type: Sequelize.TEXT
}
}, {
instanceMethods: {
verifyPassword: function (attempt) {
- if (scrypt.verifyKdfSync(Buffer.from(this.password, 'hex'), attempt)) {
- return this
- } else {
- return false
- }
+ return scrypt.verify(Buffer.from(this.password, 'hex'), attempt)
}
},
classMethods: {
@@ -153,5 +154,19 @@ module.exports = function (sequelize, DataTypes) {
}
})
+ function updatePasswordHashHook (user, options, done) {
+ // suggested way to hash passwords to be able to do this asynchronously:
+ // @see https://github.com/sequelize/sequelize/issues/1821#issuecomment-44265819
+ if (!user.changed('password')) { return done() }
+
+ scrypt.kdf(user.getDataValue('password'), { logN: 15 }).then(keyBuf => {
+ user.setDataValue('password', keyBuf.toString('hex'))
+ done()
+ })
+ }
+
+ User.beforeCreate(updatePasswordHashHook)
+ User.beforeUpdate(updatePasswordHashHook)
+
return User
}