UNPKG

mdds-mongoose-express-auth-server

Version:

Model Driver Development Stack - authentication and authorization server for mongoose and express based application. It can be enabled to work as authentication, user profile managment, and authorization management servers.

40 lines (29 loc) 1.13 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
const bcrypt = require('bcrypt'); const SALT_WORK_FACTOR = 10; const addPasswordHandlers = function(schema, authPassword) { schema.pre('save', function(next) { let user = this; // only hash the password if it has been modified (or is new) if (!user.isModified(authPassword)) return next(); // generate a salt bcrypt.genSalt(SALT_WORK_FACTOR, function(err, salt) { if (err) return next(err); // hash the password along with our new salt bcrypt.hash(user[authPassword], salt, function(err, hash) { if (err) return next(err); // override the cleartext password with the hashed one user[authPassword] = hash; next(); }); }); }); schema.options.useSaveInsteadOfUpdate = true; //this is a special indicator to controller use save. schema.methods.comparePassword = function(candidatePassword, cb) { bcrypt.compare(candidatePassword, this[authPassword], function(err, isMatch) { if (err) return cb(err); cb(null, isMatch); }); }; return schema; } module.exports = addPasswordHandlers;