-
Notifications
You must be signed in to change notification settings - Fork 0
/
user.js
46 lines (39 loc) · 1.46 KB
/
user.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
import crypto from 'crypto'
import { v4 as uuidv4 } from 'uuid'
/**
* User methods. The example doesn't contain a DB, but for real applications you must use a
* db here, such as MongoDB, Fauna, SQL, etc.
*/
const users = []
export async function createUser({ username, password }) {
// Here you should create the user and save the salt and hashed password (some dbs may have
// authentication methods that will do it for you so you don't have to worry about it):
const salt = crypto.randomBytes(16).toString('hex')
const hash = crypto
.pbkdf2Sync(password, salt, 1000, 64, 'sha512')
.toString('hex')
const user = {
id: uuidv4(),
createdAt: Date.now(),
username,
hash,
salt,
}
// This is an in memory store for users, there is no data persistence without a proper DB
users.push(user)
return { username, createdAt: Date.now() }
}
// Here you should lookup for the user in your DB
export async function findUser({ username }) {
// This is an in memory store for users, there is no data persistence without a proper DB
return users.find((user) => user.username === username)
}
// Compare the password of an already fetched user (using `findUser`) and compare the
// password for a potential match
export function validatePassword(user, inputPassword) {
const inputHash = crypto
.pbkdf2Sync(inputPassword, user.salt, 1000, 64, 'sha512')
.toString('hex')
const passwordsMatch = user.hash === inputHash
return passwordsMatch
}