debug password hashing function
This commit is contained in:
parent
36c75e9126
commit
34959d8e44
10 changed files with 26 additions and 25 deletions
|
@ -14,6 +14,7 @@ import Room from './pages/Room/Room';
|
|||
|
||||
export const socket = socketIOClient(config.apiAddress);
|
||||
|
||||
|
||||
function App() {
|
||||
const [fetchData, setFetchData] = useState();
|
||||
const [socketData, setSocketData] = useState();
|
||||
|
@ -32,7 +33,6 @@ function App() {
|
|||
socket.on('connect_error', err => setError([...error, err]));
|
||||
socket.on('error', err => setError([...error, err]))
|
||||
})
|
||||
|
||||
return (
|
||||
<Router>
|
||||
|
||||
|
|
|
@ -10,18 +10,17 @@ const loginService = () => {
|
|||
}
|
||||
|
||||
const signupService = async (formData) => {
|
||||
const response = await Axios.post(signupEndpoint, {
|
||||
...formData
|
||||
}).then(res => {
|
||||
const response = await Axios.post(signupEndpoint, {...formData })
|
||||
.then(res => {
|
||||
return res;
|
||||
}).catch(err => {
|
||||
console.log(err)
|
||||
return err;
|
||||
});
|
||||
console.log(response)
|
||||
return response;
|
||||
}
|
||||
|
||||
module.exports = {
|
||||
export default {
|
||||
loginService,
|
||||
signupService
|
||||
}
|
|
@ -6,15 +6,12 @@ const loginService = authServices.loginService;
|
|||
const newUserFormData = {
|
||||
username:'newUser',
|
||||
password:'password',
|
||||
passwordConfirm:'password',
|
||||
confirmPassword:'password',
|
||||
email:'user@example.com'
|
||||
}
|
||||
|
||||
describe('signupService', () => {
|
||||
it('signup returns 200', async () => {
|
||||
const response = await signupService(newUserFormData);
|
||||
console.log(response)
|
||||
expect(response.status).equal('200');
|
||||
it('', () => {
|
||||
});
|
||||
});
|
||||
|
||||
|
|
|
@ -13,27 +13,24 @@ const checkValidationErrors = (req, res) => {
|
|||
}
|
||||
|
||||
const signup = async (req, res, next) => {
|
||||
|
||||
checkValidationErrors(req, res);
|
||||
|
||||
const user = req.body;
|
||||
|
||||
try {
|
||||
|
||||
delete user.confirmPassword;
|
||||
const hashedPassword = await hashPassword(user.password);
|
||||
const secureUser = { ...user, password: hashedPassword }
|
||||
|
||||
|
||||
knex('user')
|
||||
.returning(['username', 'email'])
|
||||
.insert(secureUser)
|
||||
.then(queryResults => {
|
||||
const newUser = queryResults[0];
|
||||
signToken(res, newUser);
|
||||
res.send('ok').status(200);
|
||||
signToken(res, newUser).send('ok').status(201);
|
||||
})
|
||||
}
|
||||
catch (err) {
|
||||
res.status(500).json(err)
|
||||
res.status(500).json(err);
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
@ -5,6 +5,8 @@ const signupValidationRules = () => {
|
|||
check('email', 'invalid email').normalizeEmail().isEmail(),
|
||||
check('username', 'invalid username').isString(),
|
||||
check('password', 'invalid password').isString().isLength({min: 8}),
|
||||
check('confirmPassword', 'invalid password').isString()
|
||||
.custom((confirmPassword, { req }) => confirmPassword === req.body.password),
|
||||
sanitize('username').escape()
|
||||
]
|
||||
}
|
||||
|
@ -17,7 +19,7 @@ const loginValidationRules = () => {
|
|||
}
|
||||
|
||||
const validate = (req, res, next) => {
|
||||
const errors = validationResult(req)
|
||||
const errors = validationResult(req);
|
||||
if (errors.isEmpty()) {
|
||||
return next()
|
||||
}
|
||||
|
|
|
@ -19,8 +19,9 @@ const apiRouter = require('./routes/api');
|
|||
|
||||
const app = express();
|
||||
|
||||
const allowedOrigin = process.env.NODE_ENV === 'production' ? env.REACT_ADDRESS : '*';
|
||||
const corsOptions = {
|
||||
origin: process.env.REACT_ADDRESS
|
||||
origin: allowedOrigin
|
||||
}
|
||||
|
||||
app.options('*', cors(corsOptions));
|
||||
|
|
|
@ -1,12 +1,12 @@
|
|||
const bcrypt = require('bcrypt');
|
||||
require('dotenv').config();
|
||||
|
||||
const saltRounds = process.env.NODE_ENV === 'test' ? 5 : process.env.SALT_ROUNDS;
|
||||
const saltRounds = process.env.NODE_ENV === 'test' ? 5 : parseInt(process.env.SALT_ROUNDS);
|
||||
|
||||
const hashPassword = async (password) => {
|
||||
|
||||
const hashedPassword = await new Promise((resolve, reject) => {
|
||||
bcrypt.hash(password, saltRounds, (err, hash) => {
|
||||
console.log(err)
|
||||
if (err) reject(err)
|
||||
resolve(hash)
|
||||
});
|
||||
|
|
|
@ -2,8 +2,8 @@
|
|||
|
||||
module.exports = {
|
||||
enableSocket: io => {
|
||||
io.on('connection', () => console.log('connected'))
|
||||
io.on('connect', ()=> {
|
||||
// io.on('connection', () => console.log('connected'))
|
||||
io.on('connection', ()=> {
|
||||
io.emit('connected', {message: 'socket connected'});
|
||||
})
|
||||
|
||||
|
|
|
@ -2,6 +2,7 @@ const authSignupSpec = (chai, knex, server) => {
|
|||
const newUserFormData = {
|
||||
'username':'newUser',
|
||||
'password':'password',
|
||||
'confirmPassword':'password',
|
||||
'email':'user@example.com'
|
||||
}
|
||||
const loginFormData = {
|
||||
|
|
|
@ -4,21 +4,25 @@ const authSignupSpec = (chai, knex, server) => {
|
|||
const newUserFormData = {
|
||||
'username':'newUser',
|
||||
'password':'password',
|
||||
'confirmPassword':'password',
|
||||
'email':'user@example.com'
|
||||
}
|
||||
const invalidEmailFormData = {
|
||||
'username':'newUser',
|
||||
'email': 'useremail',
|
||||
'password':'password'
|
||||
'password':'password',
|
||||
'confirmPassword':'password'
|
||||
}
|
||||
const scriptInjectionFormData = {
|
||||
'username': '<script> alert("hello, there");</script>',
|
||||
'password':'password',
|
||||
'confirmPassword':'password',
|
||||
'email':'user@example.com'
|
||||
}
|
||||
const sqlInjectionFormData = {
|
||||
'username': '; DROP TABLE user;',
|
||||
'password':'password',
|
||||
'confirmPassword':'password',
|
||||
'email':'user@example.com'
|
||||
}
|
||||
|
||||
|
|
Loading…
Reference in a new issue