Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

[refactor] put password hashing in its own function

  • Loading branch information...
commit d42b291316cf92688821dfccc83fd6b4e7a92734 1 parent 8eaa226
@thejh thejh authored
Showing with 10 additions and 8 deletions.
  1. +10 −8 lib/login.js
View
18 lib/login.js
@@ -49,11 +49,7 @@ Login.prototype.userLogin = function (email, password, callback) {
self.emit('error::login', err);
return callback(err);
}
- // Settings should be replaced with nconf, which is built into hook.io.
- // this would be something like self.config.get('login:hash')
- var hash = crypto.createHash(settings.loginManager.hash);
- hash.update(doc.salt + password);
- if (hash.digest('hex') === doc.hash) {
+ if (hash(doc.salt, password) === doc.hash) {
return callback(null, doc);
}
callback(new Error('Invalid login.'));
@@ -77,13 +73,11 @@ Login.prototype.userRegister = function (email, password, callback) {
return callback({reason: 'invalid e-mail', code: Login.INVALID_EMAIL});
}
- var hash = crypto.createHash(settings.loginManager.hash);
var salt = self.saltGenerate();
- hash.update(salt + password);
var user = {
salt: salt,
- hash: hash.digest('hex')
+ hash: hash(salt, password)
};
db.put('user-' + encodeURIComponent(email), user, function (err, res) {
if (err) {
@@ -97,3 +91,11 @@ Login.prototype.userRegister = function (email, password, callback) {
});
}
+function hash(salt, password) {
+ // Settings should be replaced with nconf, which is built into hook.io.
+ // this would be something like self.config.get('login:hash')
+ var hash = crypto.createHash(settings.loginManager.hash);
+ hash.update(salt + password);
+ return hash.digest('hex');
+}
+
Please sign in to comment.
Something went wrong with that request. Please try again.