added change password endpoint

2026-03-02 00:36:38 +00:00 · 2024-10-05 15:11:51 -04:00
parent 86fb43d570
commit e7080c4aa8
9 changed files with 207 additions and 71 deletions
--- a/server/routers/auth/password.ts
+++ b/server/routers/auth/password.ts
@@ -0,0 +1,29 @@
+import { hash, verify } from "@node-rs/argon2";
+
+export async function verifyPassword(
+    password: string,
+    hash: string,
+): Promise<boolean> {
+    const validPassword = await verify(hash, password, {
+        memoryCost: 19456,
+        timeCost: 2,
+        outputLen: 32,
+        parallelism: 1,
+    });
+    if (!validPassword) {
+        await new Promise((resolve) => setTimeout(resolve, 250)); // delay to prevent brute force attacks
+    }
+
+    return validPassword;
+}
+
+export async function hashPassword(password: string): Promise<string> {
+    const passwordHash = await hash(password, {
+        memoryCost: 19456,
+        timeCost: 2,
+        outputLen: 32,
+        parallelism: 1,
+    });
+
+    return passwordHash;
+}