mirrors/hedgedoc
1
0
Fork 0
mirror of https://github.com/hedgedoc/hedgedoc.git synced 2024-09-20 07:59:03 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

refactor: Remove randomString function

Browse source 
This was done because it was only a wrapper for a nodejs function to check if the given parameter is a positive number.

Signed-off-by: Philip Molares <philip.molares@udo.edu>
This commit is contained in:
Philip Molares 2021-05-16 22:41:01 +02:00 committed by David Mehren
parent 69a2a24511
commit 875e848b80
No known key found for this signature in database
GPG key ID: 185982BA4C42B7C3
2 changed files with 5 additions and 17 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

9
src/auth/auth.service.spec.ts
View file

@ -17,6 +17,7 @@ import { NotInDBError, TokenNotValidError } from '../errors/errors';
import { Repository } from 'typeorm';
import { ConfigModule } from '@nestjs/config';
import appConfigMock from '../config/mock/app.config.mock';
import { randomBytes } from 'crypto';
describe('AuthService', () => {
let service: AuthService;
@ -79,7 +80,7 @@ describe('AuthService', () => {
.then((result) => expect(result).toBeTruthy());
});
it('fails, if secret is too short', async () => {
const secret = service.bufferToBase64Url(service.randomString(54));
const secret = service.bufferToBase64Url(randomBytes(54));
const hash = await service.hashPassword(secret);
await service
.checkPassword(secret, hash)
@ -328,10 +329,4 @@ describe('AuthService', () => {
);
});
});
describe('randomString', () => {
it('throws on invalid lenght parameter', () => {
expect(() => service.randomString(0)).toThrow();
expect(() => service.randomString(-1)).toThrow();
});
});
});

13
src/auth/auth.service.ts
View file

@ -16,12 +16,12 @@ import {
TokenNotValidError,
TooManyTokensError,
} from '../errors/errors';
import { randomBytes } from 'crypto';
import { InjectRepository } from '@nestjs/typeorm';
import { Repository } from 'typeorm';
import { ConsoleLoggerService } from '../logger/console-logger.service';
import { TimestampMillis } from '../utils/timestamp';
import { Cron, Timeout } from '@nestjs/schedule';
import { randomBytes } from 'crypto';
@Injectable()
export class AuthService {
@ -62,13 +62,6 @@ export class AuthService {
return await compare(cleartext, password);
}
randomString(length: number): Buffer {
if (length <= 0) {
throw new Error('randomString cannot have a length < 1');
}
return randomBytes(length);
}
bufferToBase64Url(text: Buffer): string {
// This is necessary as the is no base64url encoding in the toString method
// but as can be seen on https://tools.ietf.org/html/rfc4648#page-7
@ -93,8 +86,8 @@ export class AuthService {
`User '${user.userName}' has already 200 tokens and can't have anymore`,
);
}
const secret = this.bufferToBase64Url(this.randomString(54));
const keyId = this.bufferToBase64Url(this.randomString(8));
const secret = this.bufferToBase64Url(randomBytes(54));
const keyId = this.bufferToBase64Url(randomBytes(8));
const accessToken = await this.hashPassword(secret);
let token;
// Tokens can only be valid for a maximum of 2 years