kopia lustrzana https://github.com/c9/core
34 wiersze
1.1 KiB
JavaScript
34 wiersze
1.1 KiB
JavaScript
/**
|
|
* Password encrypting and verifying
|
|
* Passwords are first hashed using md5 then encrypted using bcrypt.
|
|
*
|
|
*/
|
|
|
|
var hashing = require('./hashing');
|
|
var bcrypt;
|
|
try {
|
|
bcrypt = require('bcrypt');
|
|
} catch (e) {
|
|
console.error("Failed to load brcrypt - binary version mismatch?", e.stack);
|
|
process.exit(1);
|
|
}
|
|
var SALT_LENGTH = 8;
|
|
|
|
exports.encrypt = function(password, callback) {
|
|
var passwordHashed = hashing.md5(password);
|
|
bcrypt.hash(passwordHashed, SALT_LENGTH, function(err, passwordEncrypted) {
|
|
if (err) return callback(err);
|
|
callback(null, passwordEncrypted);
|
|
});
|
|
};
|
|
|
|
exports.compare = function(password, encrypted, callback) {
|
|
var passwordHashed = hashing.md5(password);
|
|
if (passwordHashed == encrypted) { // Some passwords may still only be hashed, not bcrypted, so see if that worked first.
|
|
return callback(null, true);
|
|
}
|
|
bcrypt.compare(passwordHashed, encrypted, function (err, result) { // Password is stored hashed then bcrypted, so we compare using the hashed password.
|
|
if (err) return callback(err);
|
|
callback(null, result);
|
|
});
|
|
}; |