jjkiers/cloudron-box
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

make users-test work

Browse Source
This commit is contained in:
Girish Ramakrishnan
2021-08-13 14:43:08 -07:00
parent a8760f6c2c
commit beb1ab7c5b
3 changed files with 43 additions and 30 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
src/users.js
View File

@@ -91,6 +91,7 @@ const CRYPTO_KEY_LENGTH = 512; // bits
const CRYPTO_DIGEST = 'sha1'; // used to be the default in node 4.1.1 cannot change since it will affect existing db records
const pbkdf2Async = util.promisify(crypto.pbkdf2);
const randomBytesAsync = util.promisify(crypto.randomBytes);
const getDirectoryConfigAsync = util.promisify(settings.getDirectoryConfig);
function postProcess(result) {
@@ -203,10 +204,9 @@ async function add(email, data, auditSource) {
error = validateRole(role);
if (error) throw error;
const randomBytes = util.promisify(crypto.randomBytes);
let salt, derivedKey;
[error, salt] = await safe(randomBytes(CRYPTO_SALT_SIZE));
[error, salt] = await safe(randomBytesAsync(CRYPTO_SALT_SIZE));
if (error) throw new BoxError(BoxError.CRYPTO_ERROR, error);
[error, derivedKey] = await safe(pbkdf2Async(password, salt, CRYPTO_ITERATIONS, CRYPTO_KEY_LENGTH, CRYPTO_DIGEST));
@@ -611,13 +611,14 @@ async function setPassword(user, newPassword, auditSource) {
if (settings.isDemo() && user.username === constants.DEMO_USERNAME) throw new BoxError(BoxError.BAD_FIELD, 'Not allowed in demo mode');
if (user.source) throw new BoxError(BoxError.CONFLICT, 'User is from an external directory');
const saltBuffer = Buffer.from(user.salt, 'hex');
let salt, derivedKey;
[error, salt] = await safe(randomBytesAsync(CRYPTO_SALT_SIZE));
let derivedKey;
[error, derivedKey] = await safe(pbkdf2Async(newPassword, saltBuffer, CRYPTO_ITERATIONS, CRYPTO_KEY_LENGTH, CRYPTO_DIGEST));
[error, derivedKey] = await safe(pbkdf2Async(newPassword, salt, CRYPTO_ITERATIONS, CRYPTO_KEY_LENGTH, CRYPTO_DIGEST));
if (error) throw new BoxError(BoxError.CRYPTO_ERROR, error);
const data = {
salt: salt.toString('hex'),
password: Buffer.from(derivedKey, 'binary').toString('hex'),
resetToken: ''
};