|
|
@@ -225,25 +225,39 @@ define([ |
|
|
|
callback: this.onHashCompare.bind(this, msg) |
|
|
|
}); |
|
|
|
}, |
|
|
|
onHashCompare: function(msg, hashedPassword) { |
|
|
|
onHashCompare: function(msg, storedPassword) { |
|
|
|
var credentials = msg.data; |
|
|
|
|
|
|
|
bcrypt.compare(credentials.password, hashedPassword, this.onLogin.bind(this, msg, hashedPassword)); |
|
|
|
bcrypt.compare(credentials.password, storedPassword, this.onLogin.bind(this, msg, storedPassword)); |
|
|
|
}, |
|
|
|
onLogin: function(msg, hashedPassword, err, compareResult) { |
|
|
|
var credentials = msg.data; |
|
|
|
|
|
|
|
if (!hashedPassword) |
|
|
|
onLogin: function(msg, storedPassword, err, compareResult) { |
|
|
|
if (!storedPassword) |
|
|
|
msg.callback(messages.login.incorrect); |
|
|
|
else { |
|
|
|
if (compareResult) { |
|
|
|
this.username = credentials.username; |
|
|
|
connections.logOut(this.obj); |
|
|
|
msg.callback(); |
|
|
|
if (compareResult) { //If stored password matches the hashed password entered by the user, log them in directly |
|
|
|
this.onLoginVerified(msg); |
|
|
|
} else if (msg.data.password == storedPassword) { //If the stored password matches a plaintext password entered by the user; In that case the password gets hashed for the future |
|
|
|
this.onUnhashedLogin(msg); |
|
|
|
} else |
|
|
|
msg.callback(messages.login.incorrect); |
|
|
|
} |
|
|
|
}, |
|
|
|
onUnhashedLogin: function(msg) { |
|
|
|
bcrypt.hash(msg.data.password, 10, this.onPasswordHashed.bind(this, msg)); |
|
|
|
}, |
|
|
|
onPasswordHashed: function(msg, err, hashedPassword) { |
|
|
|
io.set({ |
|
|
|
ent: msg.data.username, |
|
|
|
field: 'login', |
|
|
|
value: hashedPassword, |
|
|
|
callback: this.onLoginVerified.bind(this, msg) |
|
|
|
}); |
|
|
|
}, |
|
|
|
onLoginVerified: function(msg) { |
|
|
|
this.username = msg.data.username; |
|
|
|
connections.logOut(this.obj); |
|
|
|
msg.callback(); |
|
|
|
}, |
|
|
|
|
|
|
|
register: function(msg) { |
|
|
|
var credentials = msg.data; |
|
|
|