From 26d7d31ba3b1d26ea9a51e8626e4a4537867db94 Mon Sep 17 00:00:00 2001 From: Chocobozzz Date: Thu, 25 Aug 2016 17:57:37 +0200 Subject: Server: encrypt password in database --- server/helpers/peertube-crypto.js | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) (limited to 'server/helpers') diff --git a/server/helpers/peertube-crypto.js b/server/helpers/peertube-crypto.js index ef130ea5c..4783e9965 100644 --- a/server/helpers/peertube-crypto.js +++ b/server/helpers/peertube-crypto.js @@ -1,5 +1,6 @@ 'use strict' +const bcrypt = require('bcrypt') const crypto = require('crypto') const fs = require('fs') const openssl = require('openssl-wrapper') @@ -12,7 +13,9 @@ const algorithm = 'aes-256-ctr' const peertubeCrypto = { checkSignature: checkSignature, + comparePassword: comparePassword, createCertsIfNotExist: createCertsIfNotExist, + cryptPassword: cryptPassword, decrypt: decrypt, encrypt: encrypt, sign: sign @@ -24,6 +27,14 @@ function checkSignature (publicKey, rawData, hexSignature) { return isValid } +function comparePassword (plainPassword, hashPassword, callback) { + bcrypt.compare(plainPassword, hashPassword, function (err, isPasswordMatch) { + if (err) return callback(err) + + return callback(null, isPasswordMatch) + }) +} + function createCertsIfNotExist (callback) { certsExist(function (exist) { if (exist === true) { @@ -36,6 +47,16 @@ function createCertsIfNotExist (callback) { }) } +function cryptPassword (password, callback) { + bcrypt.genSalt(constants.BCRYPT_SALT_SIZE, function (err, salt) { + if (err) return callback(err) + + bcrypt.hash(password, salt, function (err, hash) { + return callback(err, hash) + }) + }) +} + function decrypt (key, data, callback) { fs.readFile(constants.CONFIG.STORAGE.CERT_DIR + 'peertube.key.pem', function (err, file) { if (err) return callback(err) -- cgit v1.2.3