joe/kami-parse-server
Public Access
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Code maintenance, small refactors (#3811)

Browse Source 
* Removes promise wrapping in AccountLockoutPolicy

* Use bcrypt promises as globally available
This commit is contained in:
Florent Vilmart
2017-05-14 19:37:42 -04:00
committed by GitHub
parent ab5b759e26
commit d71683a7e2
2 changed files with 34 additions and 95 deletions
Download Patch File Download Diff File Expand all files Collapse all files

101
src/AccountLockout.js
View File

@@ -26,24 +26,19 @@ export class AccountLockout {
* check if the _failed_login_count field has been set * check if the _failed_login_count field has been set
*/ */
_isFailedLoginCountSet() { _isFailedLoginCountSet() {
return new Promise((resolve, reject) => { const query = {
const query = { username: this._user.username,
username: this._user.username, _failed_login_count: { $exists: true }
_failed_login_count: { $exists: true } };
};
this._config.database.find('_User', query) return this._config.database.find('_User', query)
.then(users => { .then(users => {
if (Array.isArray(users) && users.length > 0) { if (Array.isArray(users) && users.length > 0) {
resolve(true); return true;
} else { } else {
resolve(false); return false;
} }
})
.catch(err => {
reject(err);
}); });
});
} }
/** /**
@@ -51,23 +46,12 @@ export class AccountLockout {
* else do nothing * else do nothing
*/ */
_initFailedLoginCount() { _initFailedLoginCount() {
return new Promise((resolve, reject) => { return this._isFailedLoginCountSet()
this._isFailedLoginCountSet()
.then(failedLoginCountIsSet => { .then(failedLoginCountIsSet => {
if (!failedLoginCountIsSet) { if (!failedLoginCountIsSet) {
return this._setFailedLoginCount(0); return this._setFailedLoginCount(0);
} else {
return Promise.resolve();
} }
})
.then(() => {
resolve();
})
.catch(err => {
reject(err);
}); });
});
} }
/** /**
@@ -89,30 +73,25 @@ export class AccountLockout {
* else do nothing * else do nothing
*/ */
_setLockoutExpiration() { _setLockoutExpiration() {
return new Promise((resolve, reject) => { const query = {
const query = { username: this._user.username,
username: this._user.username, _failed_login_count: { $gte: this._config.accountLockout.threshold }
_failed_login_count: { $gte: this._config.accountLockout.threshold } };
};
const now = new Date(); const now = new Date();
const updateFields = { const updateFields = {
_account_lockout_expires_at: Parse._encode(new Date(now.getTime() + this._config.accountLockout.duration * 60 * 1000)) _account_lockout_expires_at: Parse._encode(new Date(now.getTime() + this._config.accountLockout.duration * 60 * 1000))
}; };
this._config.database.update('_User', query, updateFields) return this._config.database.update('_User', query, updateFields)
.then(() => {
resolve();
})
.catch(err => { .catch(err => {
if (err && err.code && err.message && err.code === 101 && err.message === 'Object not found.') { if (err && err.code && err.message && err.code === 101 && err.message === 'Object not found.') {
resolve(); // nothing to update so we are good return; // nothing to update so we are good
} else { } else {
reject(err); // unknown error throw err; // unknown error
} }
}); });
});
} }
/** /**
@@ -122,25 +101,18 @@ export class AccountLockout {
* resolve * resolve
*/ */
_notLocked() { _notLocked() {
return new Promise((resolve, reject) => { const query = {
const query = { username: this._user.username,
username: this._user.username, _account_lockout_expires_at: { $gt: Parse._encode(new Date()) },
_account_lockout_expires_at: { $gt: Parse._encode(new Date()) }, _failed_login_count: {$gte: this._config.accountLockout.threshold}
_failed_login_count: {$gte: this._config.accountLockout.threshold} };
};
this._config.database.find('_User', query) return this._config.database.find('_User', query)
.then(users => { .then(users => {
if (Array.isArray(users) && users.length > 0) { if (Array.isArray(users) && users.length > 0) {
reject(new Parse.Error(Parse.Error.OBJECT_NOT_FOUND, 'Your account is locked due to multiple failed login attempts. Please try again after ' + this._config.accountLockout.duration + ' minute(s)')); throw new Parse.Error(Parse.Error.OBJECT_NOT_FOUND, 'Your account is locked due to multiple failed login attempts. Please try again after ' + this._config.accountLockout.duration + ' minute(s)');
} else {
resolve();
} }
})
.catch(err => {
reject(err);
}); });
});
} }
/** /**
@@ -151,21 +123,13 @@ export class AccountLockout {
* do nothing * do nothing
*/ */
_handleFailedLoginAttempt() { _handleFailedLoginAttempt() {
return new Promise((resolve, reject) => { return this._initFailedLoginCount()
this._initFailedLoginCount()
.then(() => { .then(() => {
return this._incrementFailedLoginCount(); return this._incrementFailedLoginCount();
}) })
.then(() => { .then(() => {
return this._setLockoutExpiration(); return this._setLockoutExpiration();
})
.then(() => {
resolve();
})
.catch(err => {
reject(err);
}); });
});
} }
/** /**
@@ -175,23 +139,14 @@ export class AccountLockout {
if (!this._config.accountLockout) { if (!this._config.accountLockout) {
return Promise.resolve(); return Promise.resolve();
} }
return this._notLocked()
return new Promise((resolve, reject) => {
this._notLocked()
.then(() => { .then(() => {
if (loginSuccessful) { if (loginSuccessful) {
return this._setFailedLoginCount(0); return this._setFailedLoginCount(0);
} else { } else {
return this._handleFailedLoginAttempt(); return this._handleFailedLoginAttempt();
} }
})
.then(() => {
resolve();
})
.catch(err => {
reject(err);
}); });
});
} }
} }

28
src/password.js
View File

@@ -8,33 +8,17 @@ try {
// Returns a promise for a hashed password string. // Returns a promise for a hashed password string.
function hash(password) { function hash(password) {
return new Promise(function(fulfill, reject) { return bcrypt.hash(password, 10);
bcrypt.hash(password, 10, function(err, hashedPassword) {
if (err) {
reject(err);
} else {
fulfill(hashedPassword);
}
});
});
} }
// Returns a promise for whether this password compares to equal this // Returns a promise for whether this password compares to equal this
// hashed password. // hashed password.
function compare(password, hashedPassword) { function compare(password, hashedPassword) {
return new Promise(function(fulfill, reject) { // Cannot bcrypt compare when one is undefined
// Cannot bcrypt compare when one is undefined if (!password || !hashedPassword) {
if (!password || !hashedPassword) { return Promise.resolve(false);
return fulfill(false); }
} return bcrypt.compare(password, hashedPassword);
bcrypt.compare(password, hashedPassword, function(err, success) {
if (err) {
reject(err);
} else {
fulfill(success);
}
});
});
} }
module.exports = { module.exports = {