From 923761cd78cfb9de374691203bc3b325839d2d40 Mon Sep 17 00:00:00 2001
From: Joe Previte
Date: Wed, 2 Jun 2021 17:24:37 -0700
Subject: [PATCH] refactor: password logic in http w/ isCookieValid
---
 src/node/http.ts | 20 +++++++++++---------
 1 file changed, 11 insertions(+), 9 deletions(-)
diff --git a/src/node/http.ts b/src/node/http.ts
index 5160d17f2..298e94287 100644
--- a/src/node/http.ts
+++ b/src/node/http.ts
@@ -8,7 +8,7 @@ import { normalize, Options } from "../common/util"
 import { AuthType, DefaultedArgs } from "./cli"
 import { commit, rootPath } from "./constants"
 import { Heart } from "./heart"
-import { isHashMatch } from "./util"
+import { getPasswordMethod, handlePasswordValidation, IsCookieValidArgs, isCookieValid, isHashMatch } from "./util"
 declare global {
 // eslint-disable-next-line @typescript-eslint/no-namespace
@@ -68,14 +68,16 @@ export const authenticated = async (req: express.Request): Promise => {
 return true
 case AuthType.Password:
 // The password is stored in the cookie after being hashed.
- // TODO@jsjoeio this also needs to be refactored to check if they're using the legacy password
- // or the new one. we can't assume hashed-password means legacy
- return !!(
- req.cookies.key &&
- (req.args["hashed-password"]
- ? safeCompare(req.cookies.key, req.args["hashed-password"])
- : req.args.password && (await isHashMatch(req.args.password, req.cookies.key)))
- )
+ const hashedPasswordFromArgs = req.args["hashed-password"]
+ const passwordMethod = getPasswordMethod(hashedPasswordFromArgs)
+ const isCookieValidArgs: IsCookieValidArgs = {
+ passwordMethod,
+ cookieKey: req.cookies.key as string,
+ passwordFromArgs: req.args.password || "",
+ hashedPasswordFromArgs: req.args["hashed-password"],
+ }
+
+ return await isCookieValid(isCookieValidArgs)
 default:
 throw new Error(`Unsupported auth type ${req.args.auth}`)
 }
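Review bot: The `case AuthType.Password:` branch no longer fails closed on a missing cookie. The removed expression short-circuited on `req.cookies.key &&` and on `req.args.password`, whereas the new code hands `req.cookies.key as string` (a compile-time assertion only, so `undefined` still passes through at runtime) and `req.args.password || ""` straight to `isCookieValid`. That helper lives in `./util` and is not part of this diff, so whether it rejects an absent or empty key cannot be confirmed here; if it does not, an empty key checked against an empty password may be accepted. I would keep an explicit guard ahead of the call, e.g. `if (typeof req.cookies.key !== "string" || req.cookies.key === "") return false`, and wrap the case body in `{ }` now that it declares `const`s. The `switch` in `authenticated` begins above this hunk; separately, `handlePasswordValidation` from the import hunk is not used in any visible line, and the object literal could reuse `hashedPasswordFromArgs` rather than reading `req.args["hashed-password"]` a second time.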