Implementing password hashing

[kimslor]

Description

A password hashing method was created in the user models.
This method has been used to hash the plain text password provided by the user during account creation.
Now the hashedPassword will be stored in the DB and not the plaintext password.
This hashPassword() method should be used for password verification, such as login.

salted-md5 was used for the hashing of the plaintext password.

Related Issue

Solves #40

Type of change

• New feature (enhancement)
• Refactoring

How Has This Been Tested?

A unit test has been made for this method when a forum user is created and the hashed password stored in the test database is compared with a hashed password using the same plaintext and hashing method.

• Automated testing

Checklist:

• Does a similar (open or closed) pull request not already exist?
• Is the pull request head repository a fork repository?
• Is the pull request compare branch a development branch?
• Is the code documented, particularly in hard-to-understand areas?
• Does the code build without new warnings?
• Has testing been performed that proves changes are effective and work?
• Has a self- and/or peer-review of the code been performed?
• Have dependent changes been merged and published in downstream modules?
• Does all new and existing automated testing pass?
• Is the person responsible for the repository assigned to the pull request?
• Is the pull request linked to a project?
• Is the pull request linked to a milestone?

For more information, refer to the Contributing Guidelines and Code of Conduct links at the bottom of this page.

[R055A]

Awesome! Thank you for fixing the test bug. I have left some comments to consider, please

[R055A]

Some changes are required to fix the merge conflict, those mentioned in comments and:

Lines 39, 66, and 94 in test/authenticate.user.test.js:

password = 'authentication-test';

Requires being changed to:

password = 'authentication-test';
hashedPassword = hashPassword('authentication-test');

Line 52 in test/authenticate.user.test.js:

 assert.equal(result.email === email && result.hashedPassword === password, true)

Requires being changed to:

 assert.equal(result.email === email && result.hashedPassword.match(hashedPassword), true)

Line 79 in test/authenticate.user.test.js:

 assert.equal(result.username === username && result.hashedPassword === password, true)

Requires being changed to:

 assert.equal(result.username === username && result.hashedPassword.match(hashedPassword), true)

Line 52, 79, and 109 in test/authenticate.user.test.js:

 assert.equal(result.email === email &&
                        result.username === username && result.hashedPassword === password, true);

Requires being changed to:

 assert.equal(result.email === email &&
                        result.username === username && result.hashedPassword.match(hashedPassword), true);

The hashPassword() function will also require being imported for this file.

[R055A]

41 tests failed! I have rerun the CI as it is very likley the CI tests failed because of commit(s) made before testing from prior commit(s) has completed causing a clash between test suites executing and accessing the same resources in parallel. I will wait until the final commit has been made and all CI tests are passing before I review again.

[R055A]

41 tests failed! It is likely because of commit(s) made before testing from prior commit(s) has completed causing a clash between test suites executing and accessing the same resources in parallel. I will wait until the final commit has been made and all CI tests are passing before I review again.

Now 31 tests are failing. Let me know when this is ready for review again, please.

[R055A]

I don't know how it happened but I seem to have mistakenly labelled this already merged pull request as invalid. It is not invalid. I have removed the label and moved the pull request back the Done column. I must have had too many tabs open at once.