Server: encrypt password in database

author: Chocobozzz <florian.bigard@gmail.com> 2016-08-25 17:57:37 +0200
committer: Chocobozzz <florian.bigard@gmail.com> 2016-08-25 17:57:37 +0200
commit: 26d7d31ba3b1d26ea9a51e8626e4a4537867db94 (patch)
tree: 988da4baa1397aaaf46a3c131918257fee4bc34f /server/lib
parent: f84a89f0e7e9595d2b6f6dd59181c01f562a4239 (diff)
download: PeerTube-26d7d31ba3b1d26ea9a51e8626e4a4537867db94.tar.gz
PeerTube-26d7d31ba3b1d26ea9a51e8626e4a4537867db94.tar.zst
PeerTube-26d7d31ba3b1d26ea9a51e8626e4a4537867db94.zip
1 files changed, 16 insertions, 1 deletions
diff --git a/server/lib/oauth-model.js b/server/lib/oauth-model.js
index d9f8b175a..6dab02fca 100644
--- a/server/lib/oauth-model.js
+++ b/server/lib/oauth-model.js
@@ -41,7 +41,22 @@ function getRefreshToken (refreshToken, callback) {
 function getUser (username, password) {
  logger.debug('Getting User (username: ' + username + ', password: ' + password + ').')
-  return User.getByUsernameAndPassword(username, password)
+  return User.getByUsername(username).then(function (user) {
+    if (!user) return null
+    // We need to return a promise
+    return new Promise(function (resolve, reject) {
+      return user.isPasswordMatch(password, function (err, isPasswordMatch) {
+        if (err) return reject(err)
+        if (isPasswordMatch === true) {
+          return resolve(user)
+        }
+        return resolve(null)
+      })
+    })
+  })
 }
 function revokeToken (token) {
author	Chocobozzz <florian.bigard@gmail.com>	2016-08-25 17:57:37 +0200
committer	Chocobozzz <florian.bigard@gmail.com>	2016-08-25 17:57:37 +0200
commit	26d7d31ba3b1d26ea9a51e8626e4a4537867db94 (patch)
tree	988da4baa1397aaaf46a3c131918257fee4bc34f /server/lib
parent	f84a89f0e7e9595d2b6f6dd59181c01f562a4239 (diff)
download	PeerTube-26d7d31ba3b1d26ea9a51e8626e4a4537867db94.tar.gz PeerTube-26d7d31ba3b1d26ea9a51e8626e4a4537867db94.tar.zst PeerTube-26d7d31ba3b1d26ea9a51e8626e4a4537867db94.zip

diff --git a/server/lib/oauth-model.js b/server/lib/oauth-model.js index d9f8b175a..6dab02fca 100644 --- a/server/lib/oauth-model.js +++ b/server/lib/oauth-model.js
@@ -41,7 +41,22 @@ function getRefreshToken (refreshToken, callback) {
41	function getUser (username, password) {	41	function getUser (username, password) {
42	logger.debug('Getting User (username: ' + username + ', password: ' + password + ').')	42	logger.debug('Getting User (username: ' + username + ', password: ' + password + ').')
43		43
44	return User.getByUsernameAndPassword(username, password)	44	return User.getByUsername(username).then(function (user) {
		45	if (!user) return null
		46
		47	// We need to return a promise
		48	return new Promise(function (resolve, reject) {
		49	return user.isPasswordMatch(password, function (err, isPasswordMatch) {
		50	if (err) return reject(err)
		51
		52	if (isPasswordMatch === true) {
		53	return resolve(user)
		54	}
		55
		56	return resolve(null)
		57	})
		58	})
		59	})
45	}	60	}
46		61
47	function revokeToken (token) {	62	function revokeToken (token) {