diff --git a/seasoned_api/package.json b/seasoned_api/package.json
index 9c4834d..dfc9297 100644
--- a/seasoned_api/package.json
+++ b/seasoned_api/package.json
@@ -15,7 +15,7 @@
 },
 "dependencies": {
 "axios": "^0.18.0",
- "bcrypt-nodejs": "^0.0.3",
+ "bcrypt": "^3.0.6",
 "body-parser": "~1.18.2",
 "cross-env": "~5.1.4",
 "express": "~4.16.0",
diff --git a/seasoned_api/src/user/userSecurity.js b/seasoned_api/src/user/userSecurity.js
index 9cf4ba4..571ec58 100644
--- a/seasoned_api/src/user/userSecurity.js
+++ b/seasoned_api/src/user/userSecurity.js
@@ -1,73 +1,72 @@
-const bcrypt = require('bcrypt-nodejs');
+const bcrypt = require('bcrypt');
 const UserRepository = require('src/user/userRepository');
 class UserSecurity {
- constructor(database) {
- this.userRepository = new UserRepository(database);
- }
+ constructor(database) {
+ this.userRepository = new UserRepository(database);
+}
- /**
+ /**
 * Create a new user in PlanFlix.
 * @param {User} user the new user you want to create
 * @param {String} clearPassword a password of the user
 * @returns {Promise}
 */
- createNewUser(user, clearPassword) {
- if (user.username.trim() === '') {
- throw new Error('The username is empty.');
- } else if (clearPassword.trim() === '') {
- throw new Error('The password is empty.');
- } else {
- return Promise.resolve()
- .then(() => this.userRepository.create(user))
- .then(() => UserSecurity.hashPassword(clearPassword))
- .then(hash => this.userRepository.changePassword(user, hash));
- }
- }
+ createNewUser(user, clearPassword) {
+ if (user.username.trim() === '') {
+ throw new Error('The username is empty.');
+ } else if (clearPassword.trim() === '') {
+ throw new Error('The password is empty.');
+ } else {
+ return Promise.resolve()
+ .then(() => this.userRepository.create(user))
+ .then(() => UserSecurity.hashPassword(clearPassword))
+ .then(hash => this.userRepository.changePassword(user, hash));
+ }
+ }
- /**
+ /**
 * Login into PlanFlix.
 * @param {User} user the user you want to login
 * @param {String} clearPassword the user's password
 * @returns {Promise}
 */
- login(user, clearPassword) {
- return Promise.resolve()
- .then(() => this.userRepository.retrieveHash(user))
- .then(hash => UserSecurity.compareHashes(hash, clearPassword))
- .catch(() => { throw new Error('Wrong username or password.'); });
- }
+ login(user, clearPassword) {
+ return Promise.resolve()
+ .then(() => this.userRepository.retrieveHash(user))
+ .then(hash => UserSecurity.compareHashes(hash, clearPassword))
+ .catch(() => { throw new Error('Incorrect username or password.'); });
+ }
 /**
- * Compare between a password and a hash password from database.
- * @param {String} hash the hash password from database
- * @param {String} clearPassword the user's password
- * @returns {Promise}
- */
- static compareHashes(hash, clearPassword) {
- return new Promise((resolve, reject) => {
- bcrypt.compare(clearPassword, hash, (error, matches) => {
- if (matches === true) {
- resolve();
- } else {
- reject();
- }
- });
+ * Compare between a password and a hash password from database.
+ * @param {String} hash the hash password from database
+ * @param {String} clearPassword the user's password
+ * @returns {Promise}
+ */
+ static compareHashes(hash, clearPassword) {
+ return new Promise((resolve, reject) => {
+ bcrypt.compare(clearPassword, hash, (error, match) => {
+ if (match)
+ resolve()
+ reject()
 });
- }
+ });
+ }
- /**
+ /**
 * Hashes a password.
 * @param {String} clearPassword the user's password
 * @returns {Promise}
 */
- static hashPassword(clearPassword) {
- return new Promise((resolve) => {
- bcrypt.hash(clearPassword, null, null, (error, hash) => {
- resolve(hash);
- });
+ static hashPassword(clearPassword) {
+ return new Promise((resolve) => {
+ const salatRounds = 10;
+ bcrypt.hash(clearPassword, saltRounds, (error, hash) => {
+ resolve(hash);
 });
- }
+ });
+ }
 }
 module.exports = UserSecurity;
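Review bot: In the new `hashPassword`, the constant is declared as `salatRounds` but `bcrypt.hash` is passed `saltRounds`, so the call throws a ReferenceError inside the Promise executor and every hash attempt rejects; the declaration should read `const saltRounds = 10;`. Because `createNewUser` calls `userRepository.create(user)` before hashing, that failure appears to leave a user record created without `changePassword` ever being called for it. Both `hashPassword` and `compareHashes` also ignore the callback's `error` argument, so once the typo is fixed a bcrypt failure would resolve with an undefined hash and pass it to `changePassword`; take `reject` in the executor and add `if (error) return reject(error);` before `resolve(hash);`. In `compareHashes`, `reject()` now runs unconditionally after `resolve()`, which is harmless only because a promise settles once; `if (match) resolve(); else reject();` states the intent.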