UNPKG

landmark-serve

Version:

Web Application Framework and Admin GUI / Content Management System built on Express.js and Mongoose

github.com/RiversideLabs/landmark

RiversideLabs/landmark

146 lines (111 loc) 2.94 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
/*! * Module dependencies. */ var _ = require('underscore'), util = require('util'), bcrypt = require('bcrypt-nodejs'), super_ = require('../field'); /** * password FieldType Constructor * @extends Field * @api public */ function password(list, path, options) { this.workFactor = options.workFactor || 10; this._nativeType = String; this._underscoreMethods = ['format', 'compare']; options.nosort = true; // You can't sort on password fields // TODO: implement filtering, hard-coded as disabled for now options.nofilter = true; password.super_.call(this, list, path, options); } /*! * Inherit from Field */ util.inherits(password, super_); /** * Registers the field on the List's Mongoose Schema. * * Adds ... * * @api public */ password.prototype.addToSchema = function() { var field = this, schema = this.list.schema; this.paths = { confirm: this.options.confirmPath || this._path.append('_confirm') }; schema.path(this.path, _.defaults({ type: String }, this.options)); schema.pre('save', function(next) { if (!this.isModified(field.path)) return next(); if (!this.get(field.path)) { this.set(field.path, undefined); return next(); } var item = this; bcrypt.genSalt(field.workFactor, function(err, salt) { if (err) return next(err); bcrypt.hash(item.get(field.path), salt, function () {}, function(err, hash) { if (err) return next(err); // override the cleartext password with the hashed one item.set(field.path, hash); next(); }); }); }); this.bindUnderscoreMethods(); }; /** * Formats the field value * * Password fields are always formatted as a random no. of asterisks, * because the saved hash should never be displayed nor the length * of the actual password hinted at. * * @api public */ password.prototype.format = function(item) { if (!item.get(this.path)) return ''; var len = Math.round(Math.random() * 4) + 6; var stars = ''; for (var i = 0; i < len; i++) stars += '*'; return stars; }; /** * Compares * * @api public */ password.prototype.compare = function(item, candidate, callback) { if ('function' !== typeof callback) throw new Error('Password.compare() requires a callback function.'); var value = item.get(this.path); if (!value) return callback(null, false); bcrypt.compare(candidate, item.get(this.path), callback); }; /** * If password fields are required, check that either a value has been * provided or already exists in the field. * * Otherwise, input is always considered valid, as providing an empty * value will not change the password. * * @api public */ password.prototype.validateInput = function(data, required, item) { if (!required) { return true; } if (item) { return (data[this.path] || item.get(this.path)) ? true : false; } else { return data[this.path] ? true : false; } }; /*! * Export class */ exports = module.exports = password;