|
|
- /** Crypto package used for hashing */
- const crypto = require('crypto');
-
- /**
- * Helper function to generate a hashed password
- * from a given plain text password.
- *
- * This uses 64 bits of entropy as the random salt
- * and uses sha256 hashing method to hash the password
- * combined with the salt.
- *
- * @param password
- * @returns {Object pass: hashedPassword, salt: salt used to hash}
- */
- const createHashedPasswordObject = function(password)
- {
- const randBuff = crypto.randomBytes(64);
-
- const salt = crypto.createHash('sha256').update(randBuff).digest('hex');
-
- const hashPass = hashPassword(password, salt);
-
- var hashPassObject = new Object();
- hashPassObject.pass = hashPass;
- hashPassObject.salt = salt;
- return hashPassObject;
- };
-
-
- /**
- * Hashes a pasword with a aprticular salt
- * using the crypto library
- *
- * @param password
- * @param salt
- */
- const hashPassword = function(password, salt)
- {
- return crypto.createHash('sha256')
- .update(password + salt)
- .digest('hex');
- };
-
- /**
- * Fetches the index of the user in the configuration. If the
- * user does not exists a -1 is returned.
- */
- const getIndexOfUser = function(username, configuration)
- {
- for(var i = 0; i < configuration.users.length; i++)
- {
- if (username === configuration.users[i].username)
- {
- if(username === configuration.users[i].username)
- {
- return i;
- }
- }
- }
- return -1;
- };
-
-
- module.exports =
- {
- /**
- * Checks to see if there was a valid login attempt
- *
- * @param username
- * @param password
- * @param configuration
- * @returns {boolean}
- */
- checkLogin: function(username, password, configuration)
- {
- const userIndex = getIndexOfUser(username, configuration);
- if(userIndex === -1)
- return false;
-
- const hashedPassword = hashPassword(password, configuration.users[userIndex].salt);
- return configuration.users[userIndex].password == hashedPassword;
- },
-
- /**
- * Adds a user to the configuration
- *
- * @param username
- * @param password
- * @param configuration
- * @returns {boolean}
- */
- addUser: function(username, password, configuration)
- {
- const userIndex = getIndexOfUser(username, configuration);
- if(userIndex !== -1)
- return false; // user already exists
-
- var newUser = new Object();
- newUser.username = username;
-
- if(configuration.users.length === 0)
- newUser.id = 1;
- else
- newUser.id = configuration.users[configuration.users.length -1].id + 1;
-
- const passObject = createHashedPasswordObject(password);
- newUser.salt = passObject.salt;
- newUser.password = passObject.pass;
-
- configuration.users.push(newUser);
-
- return true;
- },
-
- /**
- * Edits a user based on their id
- *
- * @param id
- * @param userName
- * @param password
- * @param configuration
- */
- editUser: function(id, userName, password, configuration)
- {
- for(var i = 0; i < configuration.users.length; i++)
- {
- if (configuration.users[i].id + "" === id)
- {
- configuration.users[i].username = userName;
-
- var passObj = createHashedPasswordObject(password);
- configuration.users[i].salt = passObj.salt;
- configuration.users[i].password = passObj.pass;
- }
- }
- },
-
- /**
- * Removes a user account from the configuration
- * @param id
- * @param configuration
- */
- removeUser: function(id, configuration)
- {
- configuration.users = configuration.users.filter(function(value, index, arr)
- {
- return value.id + "" !== id
- });
- }
- };
|