UNPKG

very-express

Version:

based on json schema and openapi, generate Express RestApi server with mongoDb

48 lines (43 loc) 1.58 kB
// {{headerComment}} import crypto from "crypto"; // import log from "~/utils/logger"; import { UserWithRelations } from "../_types/User.gen"; /** * Hashes a password with a salt (e.g., user email). * @param plainPassword The plain text password to hash. * @param salt The salt to use (e.g., user email). * @param algorithm The hash algorithm (default: 'sha256'). * @returns The hashed password (hex encoded). */ export function hashPassword( plainPassword: string, salt: string, algorithm: "sha256" = "sha256" ): string { return crypto.createHash(algorithm).update(plainPassword + salt).digest("hex"); } /** * Verifies if a plain password (with salt) matches a given hashed password. * @param user The user object containing email and userAuthProfiles. * @param plainPassword The plain text password to verify. * @returns True if the password matches, false otherwise. */ export function verifyPassword( user: UserWithRelations, plainPassword: string, ): boolean { if(!user.email || !user.userAuthProfiles) { // log.error(`User "${user._id}" email or userAuthProfiles missing for local auth's password verification.`); return false; } const hashedPassword = user.userAuthProfiles.find((profile:any) => profile.provider === "local")?.password; if(!hashedPassword) { // log.error(`User "${user._id}" Local auth profile or password missing.`); return false; } return hashPassword(plainPassword, user.email) === hashedPassword; } export default { hashPassword, verifyPassword };