feat(credentials): refactor hashing, verification, and token signing methods
This commit reimplements the hashing, verification, and token signing methods in the CredentialsService. It also adjusts the constructor's parameters, reorders imports, and introduces additional logging for debugging purposes. Finally, it corrects minor formatting and style issues in the credentials.service.ts and credentials.module.ts files.
parent
de3d1cca05
commit
6905e8faee
@ -1,10 +1,10 @@
|
||||
import { Module } from "@nestjs/common";
|
||||
import { CredentialsService } from "./credentials.service";
|
||||
import { ConfigModule } from "@nestjs/config";
|
||||
import { CredentialsService } from "./credentials.service";
|
||||
|
||||
@Module({
|
||||
imports: [ConfigModule],
|
||||
providers: [CredentialsService],
|
||||
exports: [CredentialsService]
|
||||
exports: [CredentialsService],
|
||||
})
|
||||
export class CredentialsModule {}
|
||||
|
@ -1,44 +1,49 @@
|
||||
import { BadRequestException, Injectable } from "@nestjs/common";
|
||||
import * as argon from "argon2";
|
||||
import * as jose from "jose"
|
||||
// biome-ignore lint/style/useImportType: used by Next.js
|
||||
import { ConfigService } from "@nestjs/config";
|
||||
import * as argon from "argon2";
|
||||
import * as jose from "jose";
|
||||
import { generateSecret, JWTPayload } from "jose";
|
||||
|
||||
@Injectable()
|
||||
export class CredentialsService {
|
||||
|
||||
constructor(private configService: ConfigService) {
|
||||
}
|
||||
constructor(
|
||||
private readonly configService: ConfigService,
|
||||
) {}
|
||||
|
||||
async hash(plaintextPassword: string) {
|
||||
if (plaintextPassword.length < 6) throw new BadRequestException("Password is not strong enough !")
|
||||
return argon.hash(Buffer.from(plaintextPassword), {
|
||||
secret: this.configService.get("APP_HASH_SECRET"),
|
||||
})
|
||||
console.log(plaintextPassword);
|
||||
if (plaintextPassword.length < 6)
|
||||
throw new BadRequestException("Password is not strong enough !");
|
||||
return argon.hash(plaintextPassword, {
|
||||
secret: Buffer.from(this.configService.get("APP_HASH_SECRET")),
|
||||
});
|
||||
}
|
||||
|
||||
async check(plaintextPassword: string, hashedPassword: string) {
|
||||
return argon.verify(hashedPassword, Buffer.from(plaintextPassword), {
|
||||
secret: this.configService.get("APP_HASH_SECRET"),
|
||||
})
|
||||
return argon.verify(hashedPassword, plaintextPassword, {
|
||||
secret: Buffer.from(this.configService.get("APP_HASH_SECRET")),
|
||||
});
|
||||
}
|
||||
|
||||
async verifyAuthToken(token: string) {
|
||||
const verifyRes = await jose.jwtVerify(token, Uint8Array.from(this.configService.get("APP_TOKEN_SECRET")), {
|
||||
subject: "auth",
|
||||
audience: "user",
|
||||
issuer: "ShouldStick"
|
||||
})
|
||||
return await jose.jwtVerify(
|
||||
token,
|
||||
Uint8Array.from(this.configService.get("APP_TOKEN_SECRET")),
|
||||
{
|
||||
audience: "auth:user",
|
||||
issuer: "ShouldStick",
|
||||
},
|
||||
);
|
||||
}
|
||||
|
||||
async signAuthToken() {
|
||||
return new jose.SignJWT({})
|
||||
.setProtectedHeader({ alg: 'dir', enc: 'A128CBC-HS256' })
|
||||
async signAuthToken(payload: JWTPayload) {
|
||||
console.log(this.configService.get("APP_TOKEN_SECRET"))
|
||||
const token = new jose.SignJWT(payload)
|
||||
.setProtectedHeader({ alg: "HS512", enc: "A128CBC-HS512" })
|
||||
.setIssuedAt()
|
||||
.setExpirationTime('3 day')
|
||||
.setExpirationTime("3 day")
|
||||
.setIssuer("ShouldStick")
|
||||
.setAudience("user")
|
||||
.setSubject("auth")
|
||||
.sign(Uint8Array.from(this.configService.get("APP_TOKEN_SECRET")))
|
||||
.setAudience("auth:user")
|
||||
console.log(token)
|
||||
return await token.sign(Uint8Array.from(this.configService.get("APP_TOKEN_SECRET")));
|
||||
}
|
||||
}
|
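Review bot: The new `hash()` and `signAuthToken()` bodies write secrets to the log: `console.log(plaintextPassword)` records every submitted password and `console.log(this.configService.get("APP_TOKEN_SECRET"))` records the JWT signing key, so both calls should be deleted rather than kept as debug output. In `verifyAuthToken()` and `signAuthToken()`, `Uint8Array.from(this.configService.get("APP_TOKEN_SECRET"))` does not encode the secret, assuming it is a text string from the environment. It converts each character to a number, so every non-digit character becomes a zero byte and the HMAC key is far weaker than the configured value; `new TextEncoder().encode(secret)` yields the intended bytes, at the cost of invalidating tokens already issued. The protected header's `enc: "A128CBC-HS512"` is a JWE parameter and not a registered value, so I would drop it and add `algorithms: ["HS512"]` to the `jwtVerify` options. The `generateSecret` import appears unused in the lines shown.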