continue escaping from the pyramid of doom
jaredhirsch committed Aug 21, 2019
1 parent 301e30e commit 819ebc8
Showing 1 changed file with 49 additions and 63 deletions.
112 changes: 49 additions & 63 deletions packages/fxa-auth-server/lib/routes/password.js
@@ -53,70 +53,56 @@ module.exports = function(
const form = request.payload;
const oldAuthPW = form.oldAuthPW;

return customs
.check(request, form.email, 'passwordChange')
.then(db.accountRecord.bind(db, form.email))
.then(
emailRecord => {
const password = new Password(
oldAuthPW,
emailRecord.authSalt,
emailRecord.verifierVersion
);
return signinUtils
.checkPassword(emailRecord, password, request.app.clientAddress)
.then(match => {
if (!match) {
throw error.incorrectPassword(
emailRecord.email,
form.email
);
}
const password = new Password(
oldAuthPW,
emailRecord.authSalt,
emailRecord.verifierVersion
);
return password.unwrap(emailRecord.wrapWrapKb);
})
.then(wrapKb => {
return db
.createKeyFetchToken({
uid: emailRecord.uid,
kA: emailRecord.kA,
wrapKb: wrapKb,
emailVerified: emailRecord.emailVerified,
})
.then(async keyFetchToken => {
const passwordChangeToken = await db.createPasswordChangeToken(
{
uid: emailRecord.uid,
}
);
return {
keyFetchToken: keyFetchToken,
passwordChangeToken: passwordChangeToken,
};
});
});
},
err => {
if (err.errno === error.ERRNO.ACCOUNT_UNKNOWN) {
customs.flag(request.app.clientAddress, {
email: form.email,
errno: err.errno,
});
}
throw err;
}
)
.then(tokens => {
return {
keyFetchToken: tokens.keyFetchToken.data,
passwordChangeToken: tokens.passwordChangeToken.data,
verified: tokens.keyFetchToken.emailVerified,
};
await customs.check(request, form.email, 'passwordChange');
let tokens;
try {
const emailRecord = await db.accountRecord.bind(db, form.email);
const password = new Password(
oldAuthPW,
emailRecord.authSalt,
emailRecord.verifierVersion
);
const match = await signinUtils.checkPassword(
emailRecord,
password,
request.app.clientAddress
);
if (!match) {
throw error.incorrectPassword(emailRecord.email, form.email);
}
const password = new Password(
oldAuthPW,
emailRecord.authSalt,
emailRecord.verifierVersion
);
const wrapKb = await password.unwrap(emailRecord.wrapWrapKb);
const keyFetchToken = await db.createKeyFetchToken({
uid: emailRecord.uid,
kA: emailRecord.kA,
wrapKb: wrapKb,
emailVerified: emailRecord.emailVerified,
});
const passwordChangeToken = await db.createPasswordChangeToken({
uid: emailRecord.uid,
});
tokens = {
keyFetchToken: keyFetchToken,
passwordChangeToken: passwordChangeToken,
};
} catch (err) {
if (err.errno === error.ERRNO.ACCOUNT_UNKNOWN) {
customs.flag(request.app.clientAddress, {
email: form.email,
errno: err.errno,
});
}
throw err;
}
return {
keyFetchToken: tokens.keyFetchToken.data,
passwordChangeToken: tokens.passwordChangeToken.data,
verified: tokens.keyFetchToken.emailVerified,
};
},
},
{
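Review bot: The new `const emailRecord = await db.accountRecord.bind(db, form.email);` at the top of the `try` awaits a bound function without calling it, so `emailRecord` is that function rather than the account record; the old chain handed the bound function to `.then()`, which invoked it. As written, `emailRecord.authSalt`, `verifierVersion` and `wrapWrapKb` are `undefined`, and the lookup that can reject with `ACCOUNT_UNKNOWN` and reach `customs.flag` never runs; the line should read `const emailRecord = await db.accountRecord(form.email);`. The same `try` block declares `const password` twice, which was legal across the nested callbacks but is a redeclaration error in one scope, so drop the second `new Password(...)` and reuse the first for `password.unwrap(emailRecord.wrapWrapKb)`. The `catch` now also wraps `checkPassword` and token creation, while `customs.check` has moved outside it, whereas the old rejection handler saw only `customs.check` and `accountRecord` failures; the effect looks limited because flagging is gated on `ACCOUNT_UNKNOWN`, but it is worth confirming that this is intended. The handler's opening lines are outside the hunk.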