debug password hashing function
This commit is contained in:
parent
fea8c9035f
commit
16d5c97e3f
10 changed files with 26 additions and 25 deletions
|
@ -14,6 +14,7 @@ import Room from './pages/Room/Room';
|
||||||
|
|
||||||
export const socket = socketIOClient(config.apiAddress);
|
export const socket = socketIOClient(config.apiAddress);
|
||||||
|
|
||||||
|
|
||||||
function App() {
|
function App() {
|
||||||
const [fetchData, setFetchData] = useState();
|
const [fetchData, setFetchData] = useState();
|
||||||
const [socketData, setSocketData] = useState();
|
const [socketData, setSocketData] = useState();
|
||||||
|
@ -32,7 +33,6 @@ function App() {
|
||||||
socket.on('connect_error', err => setError([...error, err]));
|
socket.on('connect_error', err => setError([...error, err]));
|
||||||
socket.on('error', err => setError([...error, err]))
|
socket.on('error', err => setError([...error, err]))
|
||||||
})
|
})
|
||||||
|
|
||||||
return (
|
return (
|
||||||
<Router>
|
<Router>
|
||||||
|
|
||||||
|
|
|
@ -10,18 +10,17 @@ const loginService = () => {
|
||||||
}
|
}
|
||||||
|
|
||||||
const signupService = async (formData) => {
|
const signupService = async (formData) => {
|
||||||
const response = await Axios.post(signupEndpoint, {
|
const response = await Axios.post(signupEndpoint, {...formData })
|
||||||
...formData
|
.then(res => {
|
||||||
}).then(res => {
|
|
||||||
return res;
|
return res;
|
||||||
}).catch(err => {
|
}).catch(err => {
|
||||||
|
console.log(err)
|
||||||
return err;
|
return err;
|
||||||
});
|
});
|
||||||
console.log(response)
|
|
||||||
return response;
|
return response;
|
||||||
}
|
}
|
||||||
|
|
||||||
module.exports = {
|
export default {
|
||||||
loginService,
|
loginService,
|
||||||
signupService
|
signupService
|
||||||
}
|
}
|
|
@ -6,15 +6,12 @@ const loginService = authServices.loginService;
|
||||||
const newUserFormData = {
|
const newUserFormData = {
|
||||||
username:'newUser',
|
username:'newUser',
|
||||||
password:'password',
|
password:'password',
|
||||||
passwordConfirm:'password',
|
confirmPassword:'password',
|
||||||
email:'user@example.com'
|
email:'user@example.com'
|
||||||
}
|
}
|
||||||
|
|
||||||
describe('signupService', () => {
|
describe('signupService', () => {
|
||||||
it('signup returns 200', async () => {
|
it('', () => {
|
||||||
const response = await signupService(newUserFormData);
|
|
||||||
console.log(response)
|
|
||||||
expect(response.status).equal('200');
|
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
|
||||||
|
|
|
@ -13,13 +13,11 @@ const checkValidationErrors = (req, res) => {
|
||||||
}
|
}
|
||||||
|
|
||||||
const signup = async (req, res, next) => {
|
const signup = async (req, res, next) => {
|
||||||
|
|
||||||
checkValidationErrors(req, res);
|
checkValidationErrors(req, res);
|
||||||
|
|
||||||
const user = req.body;
|
const user = req.body;
|
||||||
|
|
||||||
try {
|
try {
|
||||||
|
delete user.confirmPassword;
|
||||||
const hashedPassword = await hashPassword(user.password);
|
const hashedPassword = await hashPassword(user.password);
|
||||||
const secureUser = { ...user, password: hashedPassword }
|
const secureUser = { ...user, password: hashedPassword }
|
||||||
|
|
||||||
|
@ -28,12 +26,11 @@ const signup = async (req, res, next) => {
|
||||||
.insert(secureUser)
|
.insert(secureUser)
|
||||||
.then(queryResults => {
|
.then(queryResults => {
|
||||||
const newUser = queryResults[0];
|
const newUser = queryResults[0];
|
||||||
signToken(res, newUser);
|
signToken(res, newUser).send('ok').status(201);
|
||||||
res.send('ok').status(200);
|
|
||||||
})
|
})
|
||||||
}
|
}
|
||||||
catch (err) {
|
catch (err) {
|
||||||
res.status(500).json(err)
|
res.status(500).json(err);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -5,6 +5,8 @@ const signupValidationRules = () => {
|
||||||
check('email', 'invalid email').normalizeEmail().isEmail(),
|
check('email', 'invalid email').normalizeEmail().isEmail(),
|
||||||
check('username', 'invalid username').isString(),
|
check('username', 'invalid username').isString(),
|
||||||
check('password', 'invalid password').isString().isLength({min: 8}),
|
check('password', 'invalid password').isString().isLength({min: 8}),
|
||||||
|
check('confirmPassword', 'invalid password').isString()
|
||||||
|
.custom((confirmPassword, { req }) => confirmPassword === req.body.password),
|
||||||
sanitize('username').escape()
|
sanitize('username').escape()
|
||||||
]
|
]
|
||||||
}
|
}
|
||||||
|
@ -17,7 +19,7 @@ const loginValidationRules = () => {
|
||||||
}
|
}
|
||||||
|
|
||||||
const validate = (req, res, next) => {
|
const validate = (req, res, next) => {
|
||||||
const errors = validationResult(req)
|
const errors = validationResult(req);
|
||||||
if (errors.isEmpty()) {
|
if (errors.isEmpty()) {
|
||||||
return next()
|
return next()
|
||||||
}
|
}
|
||||||
|
|
|
@ -19,8 +19,9 @@ const apiRouter = require('./routes/api');
|
||||||
|
|
||||||
const app = express();
|
const app = express();
|
||||||
|
|
||||||
|
const allowedOrigin = process.env.NODE_ENV === 'production' ? env.REACT_ADDRESS : '*';
|
||||||
const corsOptions = {
|
const corsOptions = {
|
||||||
origin: process.env.REACT_ADDRESS
|
origin: allowedOrigin
|
||||||
}
|
}
|
||||||
|
|
||||||
app.options('*', cors(corsOptions));
|
app.options('*', cors(corsOptions));
|
||||||
|
|
|
@ -1,12 +1,12 @@
|
||||||
const bcrypt = require('bcrypt');
|
const bcrypt = require('bcrypt');
|
||||||
require('dotenv').config();
|
require('dotenv').config();
|
||||||
|
|
||||||
const saltRounds = process.env.NODE_ENV === 'test' ? 5 : process.env.SALT_ROUNDS;
|
const saltRounds = process.env.NODE_ENV === 'test' ? 5 : parseInt(process.env.SALT_ROUNDS);
|
||||||
|
|
||||||
const hashPassword = async (password) => {
|
const hashPassword = async (password) => {
|
||||||
|
|
||||||
const hashedPassword = await new Promise((resolve, reject) => {
|
const hashedPassword = await new Promise((resolve, reject) => {
|
||||||
bcrypt.hash(password, saltRounds, (err, hash) => {
|
bcrypt.hash(password, saltRounds, (err, hash) => {
|
||||||
|
console.log(err)
|
||||||
if (err) reject(err)
|
if (err) reject(err)
|
||||||
resolve(hash)
|
resolve(hash)
|
||||||
});
|
});
|
||||||
|
|
|
@ -2,8 +2,8 @@
|
||||||
|
|
||||||
module.exports = {
|
module.exports = {
|
||||||
enableSocket: io => {
|
enableSocket: io => {
|
||||||
io.on('connection', () => console.log('connected'))
|
// io.on('connection', () => console.log('connected'))
|
||||||
io.on('connect', ()=> {
|
io.on('connection', ()=> {
|
||||||
io.emit('connected', {message: 'socket connected'});
|
io.emit('connected', {message: 'socket connected'});
|
||||||
})
|
})
|
||||||
|
|
||||||
|
|
|
@ -2,6 +2,7 @@ const authSignupSpec = (chai, knex, server) => {
|
||||||
const newUserFormData = {
|
const newUserFormData = {
|
||||||
'username':'newUser',
|
'username':'newUser',
|
||||||
'password':'password',
|
'password':'password',
|
||||||
|
'confirmPassword':'password',
|
||||||
'email':'user@example.com'
|
'email':'user@example.com'
|
||||||
}
|
}
|
||||||
const loginFormData = {
|
const loginFormData = {
|
||||||
|
|
|
@ -4,21 +4,25 @@ const authSignupSpec = (chai, knex, server) => {
|
||||||
const newUserFormData = {
|
const newUserFormData = {
|
||||||
'username':'newUser',
|
'username':'newUser',
|
||||||
'password':'password',
|
'password':'password',
|
||||||
|
'confirmPassword':'password',
|
||||||
'email':'user@example.com'
|
'email':'user@example.com'
|
||||||
}
|
}
|
||||||
const invalidEmailFormData = {
|
const invalidEmailFormData = {
|
||||||
'username':'newUser',
|
'username':'newUser',
|
||||||
'email': 'useremail',
|
'email': 'useremail',
|
||||||
'password':'password'
|
'password':'password',
|
||||||
|
'confirmPassword':'password'
|
||||||
}
|
}
|
||||||
const scriptInjectionFormData = {
|
const scriptInjectionFormData = {
|
||||||
'username': '<script> alert("hello, there");</script>',
|
'username': '<script> alert("hello, there");</script>',
|
||||||
'password':'password',
|
'password':'password',
|
||||||
|
'confirmPassword':'password',
|
||||||
'email':'user@example.com'
|
'email':'user@example.com'
|
||||||
}
|
}
|
||||||
const sqlInjectionFormData = {
|
const sqlInjectionFormData = {
|
||||||
'username': '; DROP TABLE user;',
|
'username': '; DROP TABLE user;',
|
||||||
'password':'password',
|
'password':'password',
|
||||||
|
'confirmPassword':'password',
|
||||||
'email':'user@example.com'
|
'email':'user@example.com'
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue