engineering
/
cloudservices
3
0
Fork 1
Code Issues 5 Pull Requests Packages Projects Releases Wiki Activity

fix cipher issues

merge-requests/1/merge
Matthew 2019-11-16 23:40:32 -05:00
parent e44da74a0f
commit 6fba087b2d
No known key found for this signature in database
GPG Key ID: 766BE43AE75F7559
1 changed files with 5 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
src/api/Security.ts
View File

@ -26,13 +26,14 @@ export default class Security {
* @param _id The Mongoose Document property labeled ._id
*/
public async createBearer(_id: string): Promise<string> {
const account = await this.client.db.Account.findOne({ _id });
let account = await this.client.db.Account.findOne({ _id });
if (!account) throw new Error(`Account [${_id}] cannot be found.`);
const salt = crypto.randomBytes(50).toString('base64');
const cipher = crypto.createCipheriv('aes-256-gcm', this.keys.key, this.keys.iv);
await account.updateOne({ salt });
account = await this.client.db.Account.findOne({ _id });
let encrypted = cipher.update(JSON.stringify(account), 'utf8', 'base64');
encrypted += cipher.final('base64');
await account.updateOne({ salt });
return `${salt}:${encrypted}`;
}
@ -47,6 +48,8 @@ export default class Security {
const json = JSON.parse(decrypted);
const account = await this.client.db.Account.findOne({ username: json.username });
if (account._id !== saltCheck._id) return null;
this.client.signale.debug(account);
this.client.signale.debug(saltCheck);
return account;
} catch (error) {
this.client.signale.debug(error);