@cocalc/server
Version:
CoCalc server functionality: functions used by either the hub and the next.js server
25 lines • 1.23 kB
JavaScript
;
Object.defineProperty(exports, "__esModule", { value: true });
const crypto_1 = require("crypto");
// This function is private and burried inside the password-hash
// library. To avoid having to fork/modify that library, we've just
// copied it here. We need it for remember_me cookies.
function hash(algorithm, salt, iterations, password) {
// there are cases where createHmac throws an error, because "salt" is undefined
if (algorithm == null || salt == null) {
throw new Error(`undefined arguments: algorithm='${algorithm}' salt='${salt}'`);
}
iterations = iterations || 1;
if (!isFinite(iterations) || iterations > 10000) {
// If somebody could make their own cookie, they might set the number of iterations
// to be very large and hang the server.
throw Error("number of iterations invalid or too large");
}
let hash = password;
for (let i = 1, end = iterations, asc = 1 <= end; asc ? i <= end : i >= end; asc ? i++ : i--) {
hash = (0, crypto_1.createHmac)(algorithm, salt).update(hash).digest("hex");
}
return algorithm + "$" + salt + "$" + iterations + "$" + hash;
}
exports.default = hash;
//# sourceMappingURL=hash.js.map