Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

Merge pull request #5 from djensen47/master

Use bcrypt instead of sha1
  • Loading branch information...
commit bcf47ffa3a09dabc4affa1511e8e79bd3d8c8360 2 parents 3c006e8 + 5aa758d
Larz Conwell larzconwell authored
4 app/helpers/passport/actions.js
View
@@ -3,6 +3,7 @@ var passport = require('passport')
, user = require('./user')
, successRedirect = geddy.config.passport.successRedirect
, failureRedirect = geddy.config.passport.failureRedirect
+ , bcrypt = require('bcrypt')
, cryptPass;
var SUPPORTED_SERVICES = [
@@ -22,8 +23,7 @@ passport.use(new LocalStrategy(function(username, password, done) {
cryptPass = require('./index').cryptPass;
}
- crypted = cryptPass(password);
- if (user.password == crypted) {
+ if (bcrypt.compareSync(password, user.password)) {
done(null, user);
}
else {
10 app/helpers/passport/index.js
View
@@ -1,4 +1,5 @@
-var crypto = require('crypto');
+var crypto = require('crypto')
+ , bcrypt = require('bcrypt');
exports.actions = require('./actions');
@@ -9,14 +10,11 @@ exports.requireAuth = function () {
};
exports.cryptPass = function (cleartextPass) {
- var sha;
if (!geddy.config.secret) {
throw new Error('Need application secret');
}
- sha = crypto.createHash('sha1');
- sha.update(geddy.config.secret);
- sha.update(cleartextPass);
- return sha.digest('hex');
+
+ return bcrypt.hashSync(cleartextPass, 10);
};
4 package.json
View
@@ -14,7 +14,9 @@
"passport": "0.1.x",
"passport-local": "0.1.x",
"passport-twitter": "0.1.x",
- "passport-facebook": "0.1.x"
+ "passport-facebook": "0.1.x",
+ "passport-yammer": "0.1.x",
+ "bcrypt": "0.7.x"
},
"main": "./lib/passport",
"repository": {
Please sign in to comment.
Something went wrong with that request. Please try again.