-
-
Notifications
You must be signed in to change notification settings - Fork 780
/
index.ts
34 lines (28 loc) · 1.16 KB
/
index.ts
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
import {AuthenticationError} from "blitz"
import SecurePassword from "secure-password"
import db, {User} from "db"
const SP = new SecurePassword()
export const hashPassword = async (password: string) => {
const hashedBuffer = await SP.hash(Buffer.from(password))
return hashedBuffer.toString("base64")
}
export const verifyPassword = async (hashedPassword: string, password: string) => {
return await SP.verify(Buffer.from(password), Buffer.from(hashedPassword, "base64"))
}
export const authenticateUser = async (email: string, password: string) => {
const user = await db.user.findOne({where: {email}})
if (!user || !user.hashedPassword) throw new AuthenticationError()
switch (await verifyPassword(user.hashedPassword, password)) {
case SecurePassword.VALID:
break
case SecurePassword.VALID_NEEDS_REHASH:
// Upgrade hashed password with a more secure hash
const improvedHash = await hashPassword(password)
await db.user.update({where: {id: user.id}, data: {hashedPassword: improvedHash}})
break
default:
throw new AuthenticationError()
}
delete user.hashedPassword
return user as Omit<User, "hashedPassword">
}