Added hashing plaintext passwords after login

Also some code cleanup

src/server/components/auth.js

@@ -225,25 +225,39 @@ define([
 				callback: this.onHashCompare.bind(this, msg)
 			});
 		},
-		onHashCompare: function(msg, hashedPassword) {
+		onHashCompare: function(msg, storedPassword) {
 			var credentials = msg.data;
 
-			bcrypt.compare(credentials.password, hashedPassword, this.onLogin.bind(this, msg, hashedPassword));
+			bcrypt.compare(credentials.password, storedPassword, this.onLogin.bind(this, msg, storedPassword));
 		},
-		onLogin: function(msg, hashedPassword, err, compareResult) {
-			var credentials = msg.data;
-
-			if (!hashedPassword)
+		onLogin: function(msg, storedPassword, err, compareResult) {
+			if (!storedPassword)
 				msg.callback(messages.login.incorrect);
 			else {
-				if (compareResult) {
-					this.username = credentials.username;
-					connections.logOut(this.obj);
-					msg.callback();
+				if (compareResult) { //If stored password matches the hashed password entered by the user, log them in directly
+					this.onLoginVerified(msg);
+				} else if (msg.data.password == storedPassword) { //If the stored password matches a plaintext password entered by the user; In that case the password gets hashed for the future
+					this.onUnhashedLogin(msg);
 				} else
 					msg.callback(messages.login.incorrect);
 			}
 		},
+		onUnhashedLogin: function(msg) {
+			bcrypt.hash(msg.data.password, 10, this.onPasswordHashed.bind(this, msg));
+		},
+		onPasswordHashed: function(msg, err, hashedPassword) {
+			io.set({
+				ent: msg.data.username,
+				field: 'login',
+				value: hashedPassword,
+				callback: this.onLoginVerified.bind(this, msg)
+            });
+		},
+		onLoginVerified: function(msg) {
+			this.username = msg.data.username;
+			connections.logOut(this.obj);
+			msg.callback();
+		},
 
 		register: function(msg) {
 			var credentials = msg.data;