Prettier+some nitpicks
This commit is contained in:
parent
8c18fc4f92
commit
1432f43035
|
@ -60,7 +60,6 @@ module.exports = (sequelize, DataTypes) => {
|
||||||
sequelize,
|
sequelize,
|
||||||
tableName: 'Users',
|
tableName: 'Users',
|
||||||
modelName: 'User',
|
modelName: 'User',
|
||||||
underscored: true,
|
|
||||||
},
|
},
|
||||||
)
|
)
|
||||||
return User
|
return User
|
||||||
|
|
59
index.js
59
index.js
|
@ -6,7 +6,12 @@
|
||||||
* https://stackoverflow.com/questions/62908969/password-hashing-in-nodejs-using-built-in-crypto
|
* https://stackoverflow.com/questions/62908969/password-hashing-in-nodejs-using-built-in-crypto
|
||||||
*
|
*
|
||||||
*/
|
*/
|
||||||
const { scrypt, scryptSync, timingSafeEqual, randomBytes } = require('node:crypto')
|
const {
|
||||||
|
scrypt,
|
||||||
|
scryptSync,
|
||||||
|
timingSafeEqual,
|
||||||
|
randomBytes,
|
||||||
|
} = require('node:crypto')
|
||||||
|
|
||||||
/// Node recommends at least 16 at time of writing. 24 is more than that and
|
/// Node recommends at least 16 at time of writing. 24 is more than that and
|
||||||
// also will result in a base64 string which doesn't contain padding, which is
|
// also will result in a base64 string which doesn't contain padding, which is
|
||||||
|
@ -32,7 +37,9 @@ class ParseError extends Error {
|
||||||
* @param {?Exception} cause - An error which was raised while trying to parse the string
|
* @param {?Exception} cause - An error which was raised while trying to parse the string
|
||||||
*/
|
*/
|
||||||
constructor(malformedString, cause) {
|
constructor(malformedString, cause) {
|
||||||
super(`error parsing ${malformedString}, expected hash encoded by @techworkers/scrypt-wrapper`)
|
super(
|
||||||
|
`error parsing ${malformedString}, expected hash encoded by @techworkers/scrypt-wrapper`,
|
||||||
|
)
|
||||||
this.cause = cause
|
this.cause = cause
|
||||||
this.malformedString = malformedString
|
this.malformedString = malformedString
|
||||||
}
|
}
|
||||||
|
@ -50,7 +57,9 @@ class InvalidOptions extends Error {
|
||||||
* @param {HashOptions} options The options which were received that are invalid
|
* @param {HashOptions} options The options which were received that are invalid
|
||||||
*/
|
*/
|
||||||
constructor(options) {
|
constructor(options) {
|
||||||
super(`invalid options were received:\n\tcost: ${options.cost}\n\tkeyLength: ${options.keyLength}\n\tsaltLength: ${options.saltLength}`)
|
super(
|
||||||
|
`invalid options were received:\n\tcost: ${options.cost}\n\tkeyLength: ${options.keyLength}\n\tsaltLength: ${options.saltLength}`,
|
||||||
|
)
|
||||||
this.options = options
|
this.options = options
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -63,9 +72,9 @@ class InvalidOptions extends Error {
|
||||||
const { cost, keyLength, saltLength } = options
|
const { cost, keyLength, saltLength } = options
|
||||||
// Cost validation
|
// Cost validation
|
||||||
if (
|
if (
|
||||||
!(typeof cost === 'number' || cost instanceof Number)
|
!(typeof cost === 'number' || cost instanceof Number) ||
|
||||||
|| cost < 13
|
cost < 13 ||
|
||||||
|| !Number.isInteger(cost)
|
!Number.isInteger(cost)
|
||||||
) {
|
) {
|
||||||
const err = new InvalidOptions(options)
|
const err = new InvalidOptions(options)
|
||||||
if (reject) reject(err)
|
if (reject) reject(err)
|
||||||
|
@ -73,8 +82,8 @@ class InvalidOptions extends Error {
|
||||||
}
|
}
|
||||||
// keyLength validation
|
// keyLength validation
|
||||||
if (
|
if (
|
||||||
!(typeof keyLength === 'number' || keyLength instanceof Number)
|
!(typeof keyLength === 'number' || keyLength instanceof Number) ||
|
||||||
|| !Number.isInteger(keyLength)
|
!Number.isInteger(keyLength)
|
||||||
) {
|
) {
|
||||||
const err = new InvalidOptions(options)
|
const err = new InvalidOptions(options)
|
||||||
if (reject) reject(err)
|
if (reject) reject(err)
|
||||||
|
@ -82,9 +91,9 @@ class InvalidOptions extends Error {
|
||||||
}
|
}
|
||||||
// saltLength validation
|
// saltLength validation
|
||||||
if (
|
if (
|
||||||
!(typeof saltLength === 'number' || saltLength instanceof Number)
|
!(typeof saltLength === 'number' || saltLength instanceof Number) ||
|
||||||
|| saltLength < 16 /* (recommended minimum) */
|
saltLength < 16 /* (recommended minimum) */ ||
|
||||||
|| !Number.isInteger(saltLength)
|
!Number.isInteger(saltLength)
|
||||||
) {
|
) {
|
||||||
const err = new InvalidOptions(options)
|
const err = new InvalidOptions(options)
|
||||||
if (reject) reject(err)
|
if (reject) reject(err)
|
||||||
|
@ -124,10 +133,16 @@ function hash(password, options) {
|
||||||
InvalidOptions.validateOptions({ cost, keyLength, saltLength }, reject)
|
InvalidOptions.validateOptions({ cost, keyLength, saltLength }, reject)
|
||||||
let $hash = cost.toString(16) + '.'
|
let $hash = cost.toString(16) + '.'
|
||||||
$hash += salt.toString('base64url') + '.'
|
$hash += salt.toString('base64url') + '.'
|
||||||
scrypt(password.normalize(), salt, keyLength, { cost: $cost }, (err, key) => {
|
scrypt(
|
||||||
|
password.normalize(),
|
||||||
|
salt,
|
||||||
|
keyLength,
|
||||||
|
{ cost: $cost },
|
||||||
|
(err, key) => {
|
||||||
if (err) reject(err)
|
if (err) reject(err)
|
||||||
else resolve($hash + key.toString('base64url'))
|
else resolve($hash + key.toString('base64url'))
|
||||||
})
|
},
|
||||||
|
)
|
||||||
})
|
})
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -148,7 +163,12 @@ function hashSync(password, options) {
|
||||||
const $cost = 1 << cost
|
const $cost = 1 << cost
|
||||||
let $hash = cost.toString(16) + '.'
|
let $hash = cost.toString(16) + '.'
|
||||||
$hash += salt.toString('base64url') + '.'
|
$hash += salt.toString('base64url') + '.'
|
||||||
return $hash + scryptSync(password.normalize(), salt, keyLength, { cost: $cost }).toString('base64url')
|
return (
|
||||||
|
$hash +
|
||||||
|
scryptSync(password.normalize(), salt, keyLength, { cost: $cost }).toString(
|
||||||
|
'base64url',
|
||||||
|
)
|
||||||
|
)
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -166,7 +186,7 @@ function verify(derivedHash, password) {
|
||||||
return new Promise((resolve, reject) => {
|
return new Promise((resolve, reject) => {
|
||||||
var $cost, $salt, $key
|
var $cost, $salt, $key
|
||||||
try {
|
try {
|
||||||
[$cost, $salt, $key] = derivedHash.split('.')
|
;[$cost, $salt, $key] = derivedHash.split('.')
|
||||||
} catch (e) {
|
} catch (e) {
|
||||||
return reject(new ParseError(derivedHash, e))
|
return reject(new ParseError(derivedHash, e))
|
||||||
}
|
}
|
||||||
|
@ -200,7 +220,7 @@ function verify(derivedHash, password) {
|
||||||
function verifySync(derivedHash, password) {
|
function verifySync(derivedHash, password) {
|
||||||
var $cost, $salt, $key
|
var $cost, $salt, $key
|
||||||
try {
|
try {
|
||||||
[$cost, $salt, $key] = derivedHash.split('.')
|
;[$cost, $salt, $key] = derivedHash.split('.')
|
||||||
} catch (e) {
|
} catch (e) {
|
||||||
throw new ParseError(derivedHash, e)
|
throw new ParseError(derivedHash, e)
|
||||||
}
|
}
|
||||||
|
@ -220,5 +240,10 @@ function verifySync(derivedHash, password) {
|
||||||
}
|
}
|
||||||
|
|
||||||
module.exports = {
|
module.exports = {
|
||||||
hash, hashSync, verify, verifySync, ParseError, InvalidOptions
|
hash,
|
||||||
|
hashSync,
|
||||||
|
verify,
|
||||||
|
verifySync,
|
||||||
|
ParseError,
|
||||||
|
InvalidOptions,
|
||||||
}
|
}
|
|
@ -13,6 +13,12 @@
|
||||||
"devDependencies": {
|
"devDependencies": {
|
||||||
"chai": "^4.3.8",
|
"chai": "^4.3.8",
|
||||||
"chai-as-promised": "^7.1.1",
|
"chai-as-promised": "^7.1.1",
|
||||||
"mocha": "^10.2.0"
|
"mocha": "^10.2.0",
|
||||||
|
"prettier": "^3.0.3"
|
||||||
|
},
|
||||||
|
"prettier": {
|
||||||
|
"arrowParens": "avoid",
|
||||||
|
"singleQuote": true,
|
||||||
|
"semi": false
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -31,66 +31,95 @@ describe('hashSync() and sync verification', function () {
|
||||||
|
|
||||||
describe('hash() error cases', function () {
|
describe('hash() error cases', function () {
|
||||||
it('throws an error when it receives an invalid cost value', async function () {
|
it('throws an error when it receives an invalid cost value', async function () {
|
||||||
scrypt.hash('bad password', { cost: 2.3 }).should.be.rejectedWith(scrypt.InvalidOptions)
|
scrypt
|
||||||
scrypt.hash('bad password', { cost: 2 /* too small */ }).should.be.rejectedWith(scrypt.InvalidOptions)
|
.hash('bad password', { cost: 2.3 })
|
||||||
|
.should.be.rejectedWith(scrypt.InvalidOptions)
|
||||||
|
scrypt
|
||||||
|
.hash('bad password', { cost: 2 /* too small */ })
|
||||||
|
.should.be.rejectedWith(scrypt.InvalidOptions)
|
||||||
})
|
})
|
||||||
it('throws an error when it receives an invalid keyLength value', async function () {
|
it('throws an error when it receives an invalid keyLength value', async function () {
|
||||||
scrypt.hash('bad password', { keyLength: 2.3 }).should.be.rejectedWith(scrypt.InvalidOptions)
|
scrypt
|
||||||
|
.hash('bad password', { keyLength: 2.3 })
|
||||||
|
.should.be.rejectedWith(scrypt.InvalidOptions)
|
||||||
})
|
})
|
||||||
it('throws an error when it receives an invalid saltLength value', async function () {
|
it('throws an error when it receives an invalid saltLength value', async function () {
|
||||||
scrypt.hash('bad password', { saltLength: 2.3 }).should.be.rejectedWith(scrypt.InvalidOptions)
|
scrypt
|
||||||
scrypt.hash('bad password', { saltLength: 15 /* too small */ }).should.be.rejectedWith(scrypt.InvalidOptions)
|
.hash('bad password', { saltLength: 2.3 })
|
||||||
|
.should.be.rejectedWith(scrypt.InvalidOptions)
|
||||||
|
scrypt
|
||||||
|
.hash('bad password', { saltLength: 15 /* too small */ })
|
||||||
|
.should.be.rejectedWith(scrypt.InvalidOptions)
|
||||||
})
|
})
|
||||||
it('throws an error when the password is not the right thing', function () {
|
it('throws an error when the password is not the right thing', function () {
|
||||||
scrypt.hash(undefined).should.eventually.be.rejected
|
scrypt.hash(undefined).should.be.rejected
|
||||||
scrypt.hash(null).should.eventually.be.rejected
|
scrypt.hash(null).should.be.rejected
|
||||||
scrypt.hash(123.4).should.eventually.be.rejected
|
scrypt.hash(123.4).should.be.rejected
|
||||||
scrypt.hash(NaN).should.eventually.be.rejected
|
scrypt.hash(NaN).should.be.rejected
|
||||||
scrypt.hash(['some', 'arbitrary', 'values']).should.eventually.be.rejected
|
scrypt.hash(['some', 'arbitrary', 'values']).should.be.rejected
|
||||||
scrypt.hash({ some: 'arbitrary values' }).should.eventually.be.rejected
|
scrypt.hash({ some: 'arbitrary values' }).should.be.rejected
|
||||||
scrypt.hash(Symbol('something else')).should.eventually.be.rejected
|
scrypt.hash(Symbol('something else')).should.be.rejected
|
||||||
scrypt.hash(() => "no, you can't do this either").should.eventually.be.rejected
|
scrypt.hash(() => "no, you can't do this either").should.be.rejected
|
||||||
})
|
})
|
||||||
})
|
})
|
||||||
|
|
||||||
describe('hashSync() error cases', function () {
|
describe('hashSync() error cases', function () {
|
||||||
it('throws an error when it receives an invalid cost value', async function () {
|
it('throws an error when it receives an invalid cost value', async function () {
|
||||||
scrypt.hashSync.bind(undefined, 'bad password', { cost: 2.3 }).should.throw(scrypt.InvalidOptions)
|
scrypt.hashSync
|
||||||
scrypt.hashSync.bind(undefined, 'bad password', { cost: 2 /* too small */ }).should.throw(scrypt.InvalidOptions)
|
.bind(undefined, 'bad password', { cost: 2.3 })
|
||||||
|
.should.throw(scrypt.InvalidOptions)
|
||||||
|
scrypt.hashSync
|
||||||
|
.bind(undefined, 'bad password', { cost: 2 /* too small */ })
|
||||||
|
.should.throw(scrypt.InvalidOptions)
|
||||||
})
|
})
|
||||||
it('throws an error when it receives an invalid keyLength value', async function () {
|
it('throws an error when it receives an invalid keyLength value', async function () {
|
||||||
scrypt.hashSync.bind(undefined, 'bad password', { keyLength: 2.3 }).should.throw(scrypt.InvalidOptions)
|
scrypt.hashSync
|
||||||
|
.bind(undefined, 'bad password', { keyLength: 2.3 })
|
||||||
|
.should.throw(scrypt.InvalidOptions)
|
||||||
})
|
})
|
||||||
it('throws an error when it receives an invalid saltLength value', async function () {
|
it('throws an error when it receives an invalid saltLength value', async function () {
|
||||||
scrypt.hashSync.bind(undefined, 'bad password', { saltLength: 2.3 }).should.throw(scrypt.InvalidOptions)
|
scrypt.hashSync
|
||||||
scrypt.hashSync.bind(undefined, 'bad password', { saltLength: 15 }).should.throw(scrypt.InvalidOptions)
|
.bind(undefined, 'bad password', { saltLength: 2.3 })
|
||||||
|
.should.throw(scrypt.InvalidOptions)
|
||||||
|
scrypt.hashSync
|
||||||
|
.bind(undefined, 'bad password', { saltLength: 15 })
|
||||||
|
.should.throw(scrypt.InvalidOptions)
|
||||||
})
|
})
|
||||||
it('throws an error when the password is not the right thing', function () {
|
it('throws an error when the password is not the right thing', function () {
|
||||||
scrypt.hashSync.bind(undefined, undefined).should.throw()
|
scrypt.hashSync.bind(undefined, undefined).should.throw()
|
||||||
scrypt.hashSync.bind(undefined, null).should.throw()
|
scrypt.hashSync.bind(undefined, null).should.throw()
|
||||||
scrypt.hashSync.bind(undefined, 123.4).should.throw()
|
scrypt.hashSync.bind(undefined, 123.4).should.throw()
|
||||||
scrypt.hashSync.bind(undefined, NaN).should.throw()
|
scrypt.hashSync.bind(undefined, NaN).should.throw()
|
||||||
scrypt.hashSync.bind(undefined, ['some', 'arbitrary', 'values']).should.throw()
|
scrypt.hashSync
|
||||||
|
.bind(undefined, ['some', 'arbitrary', 'values'])
|
||||||
|
.should.throw()
|
||||||
scrypt.hashSync.bind(undefined, { some: 'arbitrary values' }).should.throw()
|
scrypt.hashSync.bind(undefined, { some: 'arbitrary values' }).should.throw()
|
||||||
scrypt.hashSync.bind(undefined, Symbol('something else')).should.throw()
|
scrypt.hashSync.bind(undefined, Symbol('something else')).should.throw()
|
||||||
scrypt.hashSync.bind(undefined, () => "no, you can't do this either").should.throw()
|
scrypt.hashSync
|
||||||
|
.bind(undefined, () => "no, you can't do this either")
|
||||||
|
.should.throw()
|
||||||
})
|
})
|
||||||
})
|
})
|
||||||
|
|
||||||
describe('verify() error cases', function () {
|
describe('verify() error cases', function () {
|
||||||
it('throws an error when the password is not the right thing', function () {
|
it('throws an error when the password is not the right thing', function () {
|
||||||
const validHash = 'e.WCu8zB9FHLhXaAf5Svn7NE4ySqB5X45X.ZLpxVwLz1816kmshqXHn12X_4_lZD_0Yl-27KSLLzdhXJ0Fr2huSD7BvoMlBMOMUQBKyKXPzhKI01_Ot-C_w8g'
|
const validHash =
|
||||||
scrypt.verify(validHash, undefined).should.eventually.be.rejected
|
'e.WCu8zB9FHLhXaAf5Svn7NE4ySqB5X45X.ZLpxVwLz1816kmshqXHn12X_4_lZD_0Yl-27KSLLzdhXJ0Fr2huSD7BvoMlBMOMUQBKyKXPzhKI01_Ot-C_w8g'
|
||||||
scrypt.verify(validHash, null).should.eventually.be.rejected
|
scrypt.verify(validHash, undefined).should.be.rejected
|
||||||
scrypt.verify(validHash, 123.4).should.eventually.be.rejected
|
scrypt.verify(validHash, null).should.be.rejected
|
||||||
scrypt.verify(validHash, NaN).should.eventually.be.rejected
|
scrypt.verify(validHash, 123.4).should.be.rejected
|
||||||
scrypt.verify(validHash, ['some', 'arbitrary', 'values']).should.eventually.be.rejected
|
scrypt.verify(validHash, NaN).should.be.rejected
|
||||||
scrypt.verify(validHash, { some: 'arbitrary values' }).should.eventually.be.rejected
|
scrypt.verify(validHash, ['some', 'arbitrary', 'values']).should.be.rejected
|
||||||
scrypt.verify(validHash, Symbol('something else')).should.eventually.be.rejected
|
scrypt.verify(validHash, { some: 'arbitrary values' }).should.be.rejected
|
||||||
scrypt.verify(validHash, () => "no, you can't do this either").should.eventually.be.rejected
|
scrypt.verify(validHash, Symbol('something else')).should.be.rejected
|
||||||
|
scrypt.verify(validHash, () => "no, you can't do this either").should.be
|
||||||
|
.rejected
|
||||||
|
scrypt.verify(validHash, Promise.resolve("no, you can't do this either"))
|
||||||
|
.should.be.rejected
|
||||||
})
|
})
|
||||||
it('throws an error when the hash is not the expected format', async function () {
|
it('throws an error when the hash is not the expected format', async function () {
|
||||||
const validHash = 'e.WCu8zB9FHLhXaAf5Svn7NE4ySqB5X45X.ZLpxVwLz1816kmshqXHn12X_4_lZD_0Yl-27KSLLzdhXJ0Fr2huSD7BvoMlBMOMUQBKyKXPzhKI01_Ot-C_w8g'
|
const validHash =
|
||||||
|
'e.WCu8zB9FHLhXaAf5Svn7NE4ySqB5X45X.ZLpxVwLz1816kmshqXHn12X_4_lZD_0Yl-27KSLLzdhXJ0Fr2huSD7BvoMlBMOMUQBKyKXPzhKI01_Ot-C_w8g'
|
||||||
const hashParts = validHash.split('.')
|
const hashParts = validHash.split('.')
|
||||||
async function checkThrows(value, cause) {
|
async function checkThrows(value, cause) {
|
||||||
let thrown
|
let thrown
|
||||||
|
@ -101,10 +130,8 @@ describe('verify() error cases', function () {
|
||||||
thrown = true
|
thrown = true
|
||||||
e.should.be.an.instanceof(scrypt.ParseError)
|
e.should.be.an.instanceof(scrypt.ParseError)
|
||||||
expect(e.malformedString).to.eq(value)
|
expect(e.malformedString).to.eq(value)
|
||||||
if (cause)
|
if (cause) expect(e.cause).to.be.an.instanceof(cause)
|
||||||
expect(e.cause).to.be.an.instanceof(cause)
|
else expect(e.cause).to.be.undefined
|
||||||
else
|
|
||||||
expect(e.cause).to.be.undefined
|
|
||||||
}
|
}
|
||||||
thrown.should.be.true
|
thrown.should.be.true
|
||||||
}
|
}
|
||||||
|
@ -112,10 +139,13 @@ describe('verify() error cases', function () {
|
||||||
await checkThrows(1234, TypeError)
|
await checkThrows(1234, TypeError)
|
||||||
await checkThrows(null, TypeError)
|
await checkThrows(null, TypeError)
|
||||||
await checkThrows([1, 2, 3], TypeError)
|
await checkThrows([1, 2, 3], TypeError)
|
||||||
scrypt.verify({
|
scrypt.verify(
|
||||||
|
{
|
||||||
// This is technically valid, why try to prevent it? 🤷
|
// This is technically valid, why try to prevent it? 🤷
|
||||||
split: () => hashParts
|
split: () => hashParts,
|
||||||
}, 'bad password').should.eventually.be.true
|
},
|
||||||
|
'bad password',
|
||||||
|
).should.eventually.be.true
|
||||||
await checkThrows({}, TypeError)
|
await checkThrows({}, TypeError)
|
||||||
|
|
||||||
await checkThrows(validHash.substring(1)) // No cost
|
await checkThrows(validHash.substring(1)) // No cost
|
||||||
|
@ -130,19 +160,35 @@ describe('verify() error cases', function () {
|
||||||
|
|
||||||
describe('verifySync() error cases', function () {
|
describe('verifySync() error cases', function () {
|
||||||
it('throws an error when the password is not the right thing', function () {
|
it('throws an error when the password is not the right thing', function () {
|
||||||
const validHash = 'e.WCu8zB9FHLhXaAf5Svn7NE4ySqB5X45X.ZLpxVwLz1816kmshqXHn12X_4_lZD_0Yl-27KSLLzdhXJ0Fr2huSD7BvoMlBMOMUQBKyKXPzhKI01_Ot-C_w8g'
|
const validHash =
|
||||||
|
'e.WCu8zB9FHLhXaAf5Svn7NE4ySqB5X45X.ZLpxVwLz1816kmshqXHn12X_4_lZD_0Yl-27KSLLzdhXJ0Fr2huSD7BvoMlBMOMUQBKyKXPzhKI01_Ot-C_w8g'
|
||||||
scrypt.verifySync.bind(undefined, validHash, undefined).should.throw()
|
scrypt.verifySync.bind(undefined, validHash, undefined).should.throw()
|
||||||
scrypt.verifySync.bind(undefined, validHash, null).should.throw()
|
scrypt.verifySync.bind(undefined, validHash, null).should.throw()
|
||||||
scrypt.verifySync.bind(undefined, validHash, 123.4).should.throw()
|
scrypt.verifySync.bind(undefined, validHash, 123.4).should.throw()
|
||||||
scrypt.verifySync.bind(undefined, validHash, NaN).should.throw()
|
scrypt.verifySync.bind(undefined, validHash, NaN).should.throw()
|
||||||
scrypt.verifySync.bind(undefined, validHash, ['some', 'arbitrary', 'values']).should.throw()
|
scrypt.verifySync
|
||||||
scrypt.verifySync.bind(undefined, validHash, { some: 'arbitrary values' }).should.throw()
|
.bind(undefined, validHash, ['some', 'arbitrary', 'values'])
|
||||||
scrypt.verifySync.bind(undefined, validHash, Symbol('something else')).should.throw()
|
.should.throw()
|
||||||
scrypt.verifySync.bind(undefined, validHash, () => "no, you can't do this either").should.throw()
|
scrypt.verifySync
|
||||||
scrypt.verifySync.bind(undefined, validHash, Promise.resolve("no, you can't do this either")).should.throw()
|
.bind(undefined, validHash, { some: 'arbitrary values' })
|
||||||
|
.should.throw()
|
||||||
|
scrypt.verifySync
|
||||||
|
.bind(undefined, validHash, Symbol('something else'))
|
||||||
|
.should.throw()
|
||||||
|
scrypt.verifySync
|
||||||
|
.bind(undefined, validHash, () => "no, you can't do this either")
|
||||||
|
.should.throw()
|
||||||
|
scrypt.verifySync
|
||||||
|
.bind(
|
||||||
|
undefined,
|
||||||
|
validHash,
|
||||||
|
Promise.resolve("no, you can't do this either"),
|
||||||
|
)
|
||||||
|
.should.throw()
|
||||||
})
|
})
|
||||||
it('throws an error when the hash is not the expected format', function () {
|
it('throws an error when the hash is not the expected format', function () {
|
||||||
const validHash = 'e.WCu8zB9FHLhXaAf5Svn7NE4ySqB5X45X.ZLpxVwLz1816kmshqXHn12X_4_lZD_0Yl-27KSLLzdhXJ0Fr2huSD7BvoMlBMOMUQBKyKXPzhKI01_Ot-C_w8g'
|
const validHash =
|
||||||
|
'e.WCu8zB9FHLhXaAf5Svn7NE4ySqB5X45X.ZLpxVwLz1816kmshqXHn12X_4_lZD_0Yl-27KSLLzdhXJ0Fr2huSD7BvoMlBMOMUQBKyKXPzhKI01_Ot-C_w8g'
|
||||||
const hashParts = validHash.split('.')
|
const hashParts = validHash.split('.')
|
||||||
function checkThrows(value, cause) {
|
function checkThrows(value, cause) {
|
||||||
let thrown
|
let thrown
|
||||||
|
@ -153,10 +199,8 @@ describe('verifySync() error cases', function () {
|
||||||
thrown = true
|
thrown = true
|
||||||
e.should.be.an.instanceof(scrypt.ParseError)
|
e.should.be.an.instanceof(scrypt.ParseError)
|
||||||
expect(e.malformedString).to.eq(value)
|
expect(e.malformedString).to.eq(value)
|
||||||
if (cause)
|
if (cause) expect(e.cause).to.be.an.instanceof(cause)
|
||||||
expect(e.cause).to.be.an.instanceof(cause)
|
else expect(e.cause).to.be.undefined
|
||||||
else
|
|
||||||
expect(e.cause).to.be.undefined
|
|
||||||
}
|
}
|
||||||
thrown.should.be.true
|
thrown.should.be.true
|
||||||
}
|
}
|
||||||
|
@ -164,10 +208,13 @@ describe('verifySync() error cases', function () {
|
||||||
checkThrows(1234, TypeError)
|
checkThrows(1234, TypeError)
|
||||||
checkThrows(null, TypeError)
|
checkThrows(null, TypeError)
|
||||||
checkThrows([1, 2, 3], TypeError)
|
checkThrows([1, 2, 3], TypeError)
|
||||||
scrypt.verify({
|
scrypt.verify(
|
||||||
|
{
|
||||||
// This is technically valid, why try to prevent it? 🤷
|
// This is technically valid, why try to prevent it? 🤷
|
||||||
split: () => hashParts
|
split: () => hashParts,
|
||||||
}, 'bad password').should.eventually.be.true
|
},
|
||||||
|
'bad password',
|
||||||
|
).should.eventually.be.true
|
||||||
checkThrows({}, TypeError)
|
checkThrows({}, TypeError)
|
||||||
|
|
||||||
checkThrows(validHash.substring(1)) // No cost
|
checkThrows(validHash.substring(1)) // No cost
|
||||||
|
|
|
@ -444,6 +444,11 @@ picomatch@^2.0.4, picomatch@^2.2.1:
|
||||||
resolved "https://registry.yarnpkg.com/picomatch/-/picomatch-2.3.1.tgz#3ba3833733646d9d3e4995946c1365a67fb07a42"
|
resolved "https://registry.yarnpkg.com/picomatch/-/picomatch-2.3.1.tgz#3ba3833733646d9d3e4995946c1365a67fb07a42"
|
||||||
integrity sha512-JU3teHTNjmE2VCGFzuY8EXzCDVwEqB2a8fsIvwaStHhAWJEeVd1o1QD80CU6+ZdEXXSLbSsuLwJjkCBWqRQUVA==
|
integrity sha512-JU3teHTNjmE2VCGFzuY8EXzCDVwEqB2a8fsIvwaStHhAWJEeVd1o1QD80CU6+ZdEXXSLbSsuLwJjkCBWqRQUVA==
|
||||||
|
|
||||||
|
prettier@^3.0.3:
|
||||||
|
version "3.0.3"
|
||||||
|
resolved "https://registry.yarnpkg.com/prettier/-/prettier-3.0.3.tgz#432a51f7ba422d1469096c0fdc28e235db8f9643"
|
||||||
|
integrity sha512-L/4pUDMxcNa8R/EthV08Zt42WBO4h1rarVtK0K+QJG0X187OLo7l699jWw0GKuwzkPQ//jMFA/8Xm6Fh3J/DAg==
|
||||||
|
|
||||||
randombytes@^2.1.0:
|
randombytes@^2.1.0:
|
||||||
version "2.1.0"
|
version "2.1.0"
|
||||||
resolved "https://registry.yarnpkg.com/randombytes/-/randombytes-2.1.0.tgz#df6f84372f0270dc65cdf6291349ab7a473d4f2a"
|
resolved "https://registry.yarnpkg.com/randombytes/-/randombytes-2.1.0.tgz#df6f84372f0270dc65cdf6291349ab7a473d4f2a"
|
||||||
|
|
Loading…
Reference in a new issue