diff options
| author | Chocobozzz <florian.bigard@gmail.com> | 2016-08-25 17:57:37 +0200 |
|---|---|---|
| committer | Chocobozzz <florian.bigard@gmail.com> | 2016-08-25 17:57:37 +0200 |
| commit | 26d7d31ba3b1d26ea9a51e8626e4a4537867db94 (patch) | |
| tree | 988da4baa1397aaaf46a3c131918257fee4bc34f /server/helpers | |
| parent | f84a89f0e7e9595d2b6f6dd59181c01f562a4239 (diff) | |
| download | PeerTube-26d7d31ba3b1d26ea9a51e8626e4a4537867db94.tar.gz PeerTube-26d7d31ba3b1d26ea9a51e8626e4a4537867db94.tar.zst PeerTube-26d7d31ba3b1d26ea9a51e8626e4a4537867db94.zip | |
Server: encrypt password in database
Diffstat (limited to 'server/helpers')
| -rw-r--r-- | server/helpers/peertube-crypto.js | 21 |
1 files changed, 21 insertions, 0 deletions
diff --git a/server/helpers/peertube-crypto.js b/server/helpers/peertube-crypto.js index ef130ea5c..4783e9965 100644 --- a/server/helpers/peertube-crypto.js +++ b/server/helpers/peertube-crypto.js | |||
| @@ -1,5 +1,6 @@ | |||
| 1 | 'use strict' | 1 | 'use strict' |
| 2 | 2 | ||
| 3 | const bcrypt = require('bcrypt') | ||
| 3 | const crypto = require('crypto') | 4 | const crypto = require('crypto') |
| 4 | const fs = require('fs') | 5 | const fs = require('fs') |
| 5 | const openssl = require('openssl-wrapper') | 6 | const openssl = require('openssl-wrapper') |
| @@ -12,7 +13,9 @@ const algorithm = 'aes-256-ctr' | |||
| 12 | 13 | ||
| 13 | const peertubeCrypto = { | 14 | const peertubeCrypto = { |
| 14 | checkSignature: checkSignature, | 15 | checkSignature: checkSignature, |
| 16 | comparePassword: comparePassword, | ||
| 15 | createCertsIfNotExist: createCertsIfNotExist, | 17 | createCertsIfNotExist: createCertsIfNotExist, |
| 18 | cryptPassword: cryptPassword, | ||
| 16 | decrypt: decrypt, | 19 | decrypt: decrypt, |
| 17 | encrypt: encrypt, | 20 | encrypt: encrypt, |
| 18 | sign: sign | 21 | sign: sign |
| @@ -24,6 +27,14 @@ function checkSignature (publicKey, rawData, hexSignature) { | |||
| 24 | return isValid | 27 | return isValid |
| 25 | } | 28 | } |
| 26 | 29 | ||
| 30 | function comparePassword (plainPassword, hashPassword, callback) { | ||
| 31 | bcrypt.compare(plainPassword, hashPassword, function (err, isPasswordMatch) { | ||
| 32 | if (err) return callback(err) | ||
| 33 | |||
| 34 | return callback(null, isPasswordMatch) | ||
| 35 | }) | ||
| 36 | } | ||
| 37 | |||
| 27 | function createCertsIfNotExist (callback) { | 38 | function createCertsIfNotExist (callback) { |
| 28 | certsExist(function (exist) { | 39 | certsExist(function (exist) { |
| 29 | if (exist === true) { | 40 | if (exist === true) { |
| @@ -36,6 +47,16 @@ function createCertsIfNotExist (callback) { | |||
| 36 | }) | 47 | }) |
| 37 | } | 48 | } |
| 38 | 49 | ||
| 50 | function cryptPassword (password, callback) { | ||
| 51 | bcrypt.genSalt(constants.BCRYPT_SALT_SIZE, function (err, salt) { | ||
| 52 | if (err) return callback(err) | ||
| 53 | |||
| 54 | bcrypt.hash(password, salt, function (err, hash) { | ||
| 55 | return callback(err, hash) | ||
| 56 | }) | ||
| 57 | }) | ||
| 58 | } | ||
| 59 | |||
| 39 | function decrypt (key, data, callback) { | 60 | function decrypt (key, data, callback) { |
| 40 | fs.readFile(constants.CONFIG.STORAGE.CERT_DIR + 'peertube.key.pem', function (err, file) { | 61 | fs.readFile(constants.CONFIG.STORAGE.CERT_DIR + 'peertube.key.pem', function (err, file) { |
| 41 | if (err) return callback(err) | 62 | if (err) return callback(err) |