engineering
/
cloudservices
3
0
Fork 1
Code Issues 5 Pull Requests Packages Projects Releases Wiki Activity

auth tags

merge-requests/1/merge
Matthew 2019-11-16 23:57:17 -05:00
parent 6fba087b2d
commit 1927e3b295
No known key found for this signature in database
GPG Key ID: 766BE43AE75F7559
1 changed files with 2 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/api/Security.ts
View File

@ -34,6 +34,7 @@ export default class Security {
account = await this.client.db.Account.findOne({ _id }); account = await this.client.db.Account.findOne({ _id });
let encrypted = cipher.update(JSON.stringify(account), 'utf8', 'base64'); let encrypted = cipher.update(JSON.stringify(account), 'utf8', 'base64');
encrypted += cipher.final('base64'); encrypted += cipher.final('base64');
await account.updateOne({ authTag: cipher.getAuthTag() });
return `${salt}:${encrypted}`; return `${salt}:${encrypted}`;
} }
@ -44,6 +45,7 @@ export default class Security {
const saltCheck = await this.client.db.Account.findOne({ salt }); const saltCheck = await this.client.db.Account.findOne({ salt });
const encrypted = bearer.split(':')[1]; const encrypted = bearer.split(':')[1];
let decrypted = decipher.update(encrypted, 'base64', 'utf8'); let decrypted = decipher.update(encrypted, 'base64', 'utf8');
decipher.setAuthTag(saltCheck.authTag);
decrypted += decipher.final('utf8'); decrypted += decipher.final('utf8');
const json = JSON.parse(decrypted); const json = JSON.parse(decrypted);
const account = await this.client.db.Account.findOne({ username: json.username }); const account = await this.client.db.Account.findOne({ username: json.username });