Passed
Push — master ( c6b313...ea8146 )
by Kyungmi
01:36
created

auth-util.js ➔ ???   A

/**
 * Auth util functions
 *
 * @since 1.0.0
 */
const JWT = require('jsonwebtoken');
const config = require('./../config/server.config.js');
const crypto = require('crypto');
/**
 * Build a signed JWT for an authenticated account.
 *
 * The token carries `username`, `role` and `ip` copied from `account`, plus an
 * `exp` value computed here. It is signed with process.env.SECRET_KEY, falling
 * back to config.auth.secretKey when the environment variable is not set.
 *
 * NOTE(review): `exp` is written as a millisecond timestamp (current time plus
 * a ttl in milliseconds). The registered JWT `exp` claim (RFC 7519) is in
 * seconds, and jsonwebtoken's verify() compares it against a clock in seconds.
 * Tokens checked that way would stay valid far longer than `ttl`. Confirm how
 * consumers check expiry before changing the unit.
 *
 * @param {Object} account - authenticated account
 * @param {string} account.username - username for login
 * @param {string} account.role - user's role
 * @param {string} account.ip - client ip address
 * @param {number} [ttl] - time to live in milliseconds; a falsy value falls
 *    back to config.auth.tokenTTL
 * @returns {*} whatever JWT.sign() returns for the claims above
 */
exports.generateToken = (account, ttl) => {
  const claims = {
    username: account.username,
    role: account.role,
    // Millisecond timestamp; see the NOTE(review) above about units.
    exp: Date.now() + (ttl || config.auth.tokenTTL),
    ip: account.ip,
  };
  const signingKey = process.env.SECRET_KEY || config.auth.secretKey;
  return JWT.sign(claims, signingKey);
};
/**
 * Derive the stored form of a user's password.
 *
 * Despite the name, nothing is encrypted: the result is a one-way, keyed
 * HMAC-SHA256 digest of the string '[username]:[password]', hex encoded. The
 * key is process.env.SECRET_KEY, falling back to config.auth.secretKey.
 *
 * NOTE(review): HMAC-SHA256 is a single fast hash pass and the only per-user
 * input is the username. For stored passwords a dedicated password-hashing
 * function with a random per-user salt (for example crypto.scrypt) is the
 * usual choice. Switching would need a migration of existing digests.
 * NOTE(review): the same secret also signs tokens in generateToken, so
 * rotating it invalidates every stored digest. Consider separate keys.
 * NOTE(review): the ':' separator is not escaped, so ('a:b', 'c') and
 * ('a', 'b:c') produce the same digest input.
 *
 * @param {Object} credential - user inputs
 * @param {string} credential.username
 * @param {string} credential.password
 * @returns {string} hex-encoded HMAC-SHA256 digest
 */
exports.encryptPassword = (credential) => {
  const macKey = process.env.SECRET_KEY || config.auth.secretKey;
  return crypto
    .createHmac('sha256', macKey)
    .update(`${credential.username}:${credential.password}`)
    .digest('hex');
};
40
41
/**
42
 * Compare password from database with password user input
43
 * The password on database is always generated from '[username]:[password]' string. That improves password's security.
44
 * @param {Object} credential - user inputs
45
 *    - {string} username
46
 *    - {string} password
47
 * @param {string} dbPassword - digested password string from database
48
 * @returns {boolean}
49
 */
50
exports.comparePassword = (credential, dbPassword) => exports.encryptPassword(credential) === dbPassword;