doc: Fix 'pbkdf2Sync' encoding problem (#1805)
Ref: #1796.

Because the '/newUser' request is hashed with 'sha512', the
corresponding '/auth' request must also use 'sha512' as the digest.
Maledong committed Sep 17, 2018
1 parent 3f3d9d5 commit 9f95cf9
Showing 4 changed files with 15 additions and 10 deletions.
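--- a/locale/en/docs/guides/simple-profiling.md
+++ b/locale/en/docs/guides/simple-profiling.md
@@ -63,9 +63,10 @@ app.get('/auth', (req, res) => {
 return res.sendStatus(400);
 }
 
-const hash = crypto.pbkdf2Sync(password, users[username].salt, 10000, 512);
+const { salt, hash } = users[username];
+const encryptHash = crypto.pbkdf2Sync(password, salt, 10000, 512, 'sha512');
 
-if (users[username].hash.toString() === hash.toString()) {
+if (crypto.timingSafeEqual(hash, encryptHash)) {
 res.sendStatus(200);
 } else {
 res.sendStatus(401);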
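Review bot: The added `crypto.pbkdf2Sync(password, salt, 10000, 512, 'sha512')` requests a 512-byte key from a digest that outputs 64 bytes, so the server pays for eight full 10000-iteration blocks while the first 64 bytes already suffice to check a password guess; the extra length costs CPU without adding strength. For a sample that readers copy, `crypto.pbkdf2Sync(password, salt, 10000, 64, 'sha512')` together with the matching change where the hash is created would be the sounder shape, or, if the long key is intentional for this profiling guide, a comment such as `// keylen 512 is deliberately expensive for the demo; use the digest size (64) in real code` should say so. `crypto.timingSafeEqual(hash, encryptHash)` throws when the two arguments differ in byte length, so a stored `hash` of any other length would surface as an exception rather than a 401. The `/auth` handler begins and ends outside this hunk and the `/newUser` code is not shown, so both points should be confirmed against it; the same lines recur in the ko, uk and zh-cn copies.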
10 changes: 6 additions & 4 deletions locale/ko/docs/guides/simple-profiling.md
@@ -114,9 +114,10 @@ app.get('/auth', (req, res) => {
return res.sendStatus(400);
}
const hash = crypto.pbkdf2Sync(password, users[username].salt, 10000, 512);
const { salt, hash } = users[username];
const encryptHash = crypto.pbkdf2Sync(password, salt, 10000, 512, 'sha512');
if (users[username].hash.toString() === hash.toString()) {
if (crypto.timingSafeEqual(hash, encryptHash)) {
res.sendStatus(200);
} else {
res.sendStatus(401);
@@ -136,9 +137,10 @@ app.get('/auth', (req, res) => {
return res.sendStatus(400);
}

const hash = crypto.pbkdf2Sync(password, users[username].salt, 10000, 512);
const { salt, hash } = users[username];
const encryptHash = crypto.pbkdf2Sync(password, salt, 10000, 512, 'sha512');

if (users[username].hash.toString() === hash.toString()) {
if (crypto.timingSafeEqual(hash, encryptHash)) {
res.sendStatus(200);
} else {
res.sendStatus(401);
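--- a/locale/uk/docs/guides/simple-profiling.md
+++ b/locale/uk/docs/guides/simple-profiling.md
@@ -63,9 +63,10 @@ app.get('/auth', (req, res) => {
 return res.sendStatus(400);
 }
 
-const hash = crypto.pbkdf2Sync(password, users[username].salt, 10000, 512);
+const { salt, hash } = users[username];
+const encryptHash = crypto.pbkdf2Sync(password, salt, 10000, 512, 'sha512');
 
-if (users[username].hash.toString() === hash.toString()) {
+if (crypto.timingSafeEqual(hash, encryptHash)) {
 res.sendStatus(200);
 } else {
 res.sendStatus(401);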
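--- a/locale/zh-cn/docs/guides/simple-profiling.md
+++ b/locale/zh-cn/docs/guides/simple-profiling.md
@@ -52,9 +52,10 @@ app.get('/auth', (req, res) => {
 return res.sendStatus(400);
 }
 
-const hash = crypto.pbkdf2Sync(password, users[username].salt, 10000, 512);
+const { salt, hash } = users[username];
+const encryptHash = crypto.pbkdf2Sync(password, salt, 10000, 512, 'sha512');
 
-if (users[username].hash.toString() === hash.toString()) {
+if (crypto.timingSafeEqual(hash, encryptHash)) {
 res.sendStatus(200);
 } else {
 res.sendStatus(401);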
