Notes/services/change_password.js

"use strict";

const sql = require('./sql');
const options = require('./options');
const my_scrypt = require('./my_scrypt');
const utils = require('./utils');
const password_encryption = require('./password_encryption');

async function changePassword(currentPassword, newPassword, req) {
    if (!await password_encryption.verifyPassword(currentPassword)) {
        return {
            success: false,
            message: "Given current password doesn't match hash"
        };
    }

    const newPasswordVerificationKey = utils.toBase64(await my_scrypt.getVerificationHash(newPassword));
    const decryptedDataKey = await password_encryption.getDataKey(currentPassword);

    await sql.doInTransaction(async db => {
        await password_encryption.setDataKey(db, newPassword, decryptedDataKey);

        await options.setOption(db, 'password_verification_hash', newPasswordVerificationKey);
    });

    return {
        success: true
    };
}

module.exports = {
    changePassword
};
use strict in all JS files 2017-10-21 21:10:33 -04:00			`"use strict";`

backend ported to node.js (work in progress) 2017-10-14 23:31:44 -04:00			`const sql = require('./sql');`
sync of options 2017-11-02 20:48:02 -04:00			`const options = require('./options');`
backend ported to node.js (work in progress) 2017-10-14 23:31:44 -04:00			`const my_scrypt = require('./my_scrypt');`
			`const utils = require('./utils');`
refactoring of password change and preparations for server side encryption 2017-11-09 23:25:23 -05:00			`const password_encryption = require('./password_encryption');`
backend ported to node.js (work in progress) 2017-10-14 23:31:44 -04:00
fix password change 2017-11-06 19:48:02 -05:00			`async function changePassword(currentPassword, newPassword, req) {`
refactoring of password change and preparations for server side encryption 2017-11-09 23:25:23 -05:00			`if (!await password_encryption.verifyPassword(currentPassword)) {`
backend ported to node.js (work in progress) 2017-10-14 23:31:44 -04:00			`return {`
refactoring of password change and preparations for server side encryption 2017-11-09 23:25:23 -05:00			`success: false,`
			`message: "Given current password doesn't match hash"`
backend ported to node.js (work in progress) 2017-10-14 23:31:44 -04:00			`};`
			`}`

			`const newPasswordVerificationKey = utils.toBase64(await my_scrypt.getVerificationHash(newPassword));`
cleaned up "CBC" from methods since we don't have CTR 2017-11-18 12:53:17 -05:00			`const decryptedDataKey = await password_encryption.getDataKey(currentPassword);`
backend ported to node.js (work in progress) 2017-10-14 23:31:44 -04:00
separate DB connection for each transaction (just for the record, will be reverted probably) 2017-11-28 17:04:47 -05:00			`await sql.doInTransaction(async db => {`
			`await password_encryption.setDataKey(db, newPassword, decryptedDataKey);`
backend ported to node.js (work in progress) 2017-10-14 23:31:44 -04:00
separate DB connection for each transaction (just for the record, will be reverted probably) 2017-11-28 17:04:47 -05:00			`await options.setOption(db, 'password_verification_hash', newPasswordVerificationKey);`
better transaction handling with rollback on exception 2017-10-29 18:50:28 -04:00			`});`
backend ported to node.js (work in progress) 2017-10-14 23:31:44 -04:00
			`return {`
fix undefined variable 2017-11-22 20:36:07 -05:00			`success: true`
backend ported to node.js (work in progress) 2017-10-14 23:31:44 -04:00			`};`
			`}`

			`module.exports = {`
			`changePassword`
			`};`