reset password flow

Milo Schwartz
2024-12-22 16:59:30 -05:00
parent 9c37036a39
commit f224bfa4ee
22 changed files with 739 additions and 184 deletions


@@ -16,6 +16,7 @@ import config from "@server/config";
import logger from "@server/logger";
import { verify } from "@node-rs/argon2";
import { isWithinExpirationDate } from "oslo";
import { verifyPassword } from "@server/auth/password";
const authWithAccessTokenBodySchema = z
.object({
@@ -104,12 +105,8 @@ export async function authWithAccessToken(
);
}
const validCode = await verify(tokenItem.tokenHash, accessToken, {
memoryCost: 19456,
timeCost: 2,
outputLen: 32,
parallelism: 1
});
const validCode = await verifyPassword(tokenItem.tokenHash, accessToken);
if (!validCode) {
return next(
createHttpError(HttpCode.UNAUTHORIZED, "Invalid access token")
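Review bot: The new call in `authWithAccessToken`, `verifyPassword(tokenItem.tokenHash, accessToken)`, passes the stored hash first and the presented token second, while the other call sites in this commit (`authWithPassword`, `authWithPincode`) pass the plaintext first and the hash second. The helper's definition is not visible here, but if its signature is `(password, hash)` this call hands the raw token to argon2 as the hash, so valid access tokens would be rejected or the verify call would throw. The line should probably read `const validCode = await verifyPassword(accessToken, tokenItem.tokenHash);`. The `verify` import from `@node-rs/argon2` kept as context in the first hunk also looks unused after this change. The function body continues outside the hunk.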


@@ -15,6 +15,7 @@ import {
} from "@server/auth/resource";
import config from "@server/config";
import logger from "@server/logger";
import { verifyPassword } from "@server/auth/password";
export const authWithPasswordBodySchema = z
.object({
@@ -105,15 +106,9 @@ export async function authWithPassword(
);
}
const validPassword = await verify(
definedPassword.passwordHash,
const validPassword = await verifyPassword(
password,
{
memoryCost: 19456,
timeCost: 2,
outputLen: 32,
parallelism: 1
}
definedPassword.passwordHash
);
if (!validPassword) {
return next(


@@ -23,6 +23,7 @@ import logger from "@server/logger";
import config from "@server/config";
import { AuthWithPasswordResponse } from "./authWithPassword";
import { isValidOtp, sendResourceOtpEmail } from "@server/auth/resourceOtp";
import { verifyPassword } from "@server/auth/password";
export const authWithPincodeBodySchema = z
.object({
@@ -116,12 +117,10 @@ export async function authWithPincode(
);
}
const validPincode = await verify(definedPincode.pincodeHash, pincode, {
memoryCost: 19456,
timeCost: 2,
outputLen: 32,
parallelism: 1
});
const validPincode = verifyPassword(
pincode,
definedPincode.pincodeHash
);
if (!validPincode) {
return next(
createHttpError(HttpCode.UNAUTHORIZED, "Incorrect PIN")
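Review bot: The rewritten check in `authWithPincode` drops the `await`: `const validPincode = verifyPassword(pincode, definedPincode.pincodeHash);`. The other call sites in this commit await the helper, so it presumably returns a Promise; a Promise is always truthy, so `if (!validPincode)` never fires and the "Incorrect PIN" rejection is skipped whatever PIN is submitted. Restore it as `const validPincode = await verifyPassword(pincode, definedPincode.pincodeHash);`. A regression test that submits a wrong PIN and expects the UNAUTHORIZED response, plus a lint rule such as `@typescript-eslint/no-misused-promises`, would catch this class of mistake. The function body continues outside the hunk.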


@@ -9,6 +9,7 @@ import { fromError } from "zod-validation-error";
import { hash } from "@node-rs/argon2";
import { response } from "@server/utils";
import logger from "@server/logger";
import { hashPassword } from "@server/auth/password";
const setResourceAuthMethodsParamsSchema = z.object({
resourceId: z.string().transform(Number).pipe(z.number().int().positive())
@@ -57,12 +58,7 @@ export async function setResourcePassword(
.where(eq(resourcePassword.resourceId, resourceId));
if (password) {
const passwordHash = await hash(password, {
memoryCost: 19456,
timeCost: 2,
outputLen: 32,
parallelism: 1
});
const passwordHash = await hashPassword(password);
await trx
.insert(resourcePassword)
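Review bot: The context line `import { hash } from "@node-rs/argon2";` stays in this file although the only visible use of `hash` in `setResourcePassword` was replaced by `hashPassword`; the same holds for the next file section (`setResourcePincode`). If nothing else in these files calls `hash`, drop the import so the argon2 parameters live only in `@server/auth/password` and cannot drift between call sites. The rest of each file is not visible here, so confirm there is no remaining caller before removing it.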


@@ -10,6 +10,7 @@ import { hash } from "@node-rs/argon2";
import { response } from "@server/utils";
import stoi from "@server/utils/stoi";
import logger from "@server/logger";
import { hashPassword } from "@server/auth/password";
const setResourceAuthMethodsParamsSchema = z.object({
resourceId: z.string().transform(Number).pipe(z.number().int().positive()),
@@ -61,12 +62,7 @@ export async function setResourcePincode(
.where(eq(resourcePincode.resourceId, resourceId));
if (pincode) {
const pincodeHash = await hash(pincode, {
memoryCost: 19456,
timeCost: 2,
outputLen: 32,
parallelism: 1,
});
const pincodeHash = await hashPassword(pincode);
await trx
.insert(resourcePincode)