refactor: password logic in http w/ isCookieValid

This commit is contained in:
Joe Previte 2021-06-02 17:24:37 -07:00
parent 6020480b30
commit 923761cd78
No known key found for this signature in database
GPG Key ID: 2C91590C6B742C24
1 changed files with 11 additions and 9 deletions

View File

@ -8,7 +8,7 @@ import { normalize, Options } from "../common/util"
import { AuthType, DefaultedArgs } from "./cli"
import { commit, rootPath } from "./constants"
import { Heart } from "./heart"
import { isHashMatch } from "./util"
import { getPasswordMethod, handlePasswordValidation, IsCookieValidArgs, isCookieValid, isHashMatch } from "./util"
declare global {
// eslint-disable-next-line @typescript-eslint/no-namespace
@ -68,14 +68,16 @@ export const authenticated = async (req: express.Request): Promise<boolean> => {
return true
case AuthType.Password:
// The password is stored in the cookie after being hashed.
// TODO@jsjoeio this also needs to be refactored to check if they're using the legacy password
// or the new one. we can't assume hashed-password means legacy
return !!(
req.cookies.key &&
(req.args["hashed-password"]
? safeCompare(req.cookies.key, req.args["hashed-password"])
: req.args.password && (await isHashMatch(req.args.password, req.cookies.key)))
)
const hashedPasswordFromArgs = req.args["hashed-password"]
const passwordMethod = getPasswordMethod(hashedPasswordFromArgs)
const isCookieValidArgs: IsCookieValidArgs = {
passwordMethod,
cookieKey: req.cookies.key as string,
passwordFromArgs: req.args.password || "",
hashedPasswordFromArgs: req.args["hashed-password"],
}
return await isCookieValid(isCookieValidArgs)
default:
throw new Error(`Unsupported auth type ${req.args.auth}`)
}