Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Feature - Replacing Bcrypt with NodeJS built in PBKDF2 #315

Open
wants to merge 7 commits into
base: rc-1.6.0
Choose a base branch
from
Open

Feature - Replacing Bcrypt with NodeJS built in PBKDF2 #315

wants to merge 7 commits into from

Conversation

elliot-sabitov
Copy link
Contributor

  • feat: replacing bcrypt with nodes built in pbkdf2Sync to persist and check for matching hashes of passwordString VariableAttribute dataType during BasicAuthentication handling

feat: replacing bcrypt with nodes built in pbkdf2Sync to persist and …
fb91e1a 
…check for matching hashes of passwordString VariableAttribute dataType during BasicAuthentication handling
@elliot-sabitov elliot-sabitov changed the title Feature - Replacing Bcrypt with NodeJS built in pbkdf2Sync Feature - Replacing Bcrypt with NodeJS built in PBKDF2 Dec 6, 2024
ChrisWeissmann
ChrisWeissmann reviewed Dec 9, 2024
View reviewed changes
Copy link
Contributor

@ChrisWeissmann ChrisWeissmann left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can we fix what is happening with the jest tests as well?

01_Data/src/util/CryptoUtils.ts Outdated Show resolved Hide resolved
Elliot Sabitov and others added 5 commits December 9, 2024 17:50
fix: moved iterations, keyLen, and digest to variables and created he…
d9464ab 
…lper method to getHashFromStringWithSalt

test: fixed failing test
Merge branch 'rc-1.6.0' into feature/60-replace-bcrypt
e1f1af6 
* rc-1.6.0:
  Updating localstack volumes
  Changing healthcheck settings for graphql-engine on docker compose.
  Managing execution order on docker compose
  Moving hasura into core
Merge branch 'rc-1.6.0' into feature/60-replace-bcrypt
af3c599 
* rc-1.6.0:
  chore: removing missed unnecessary protected access modifiers
  chore: removing deasync from dockerfiles
  feat: removing deasync dependency by instead awaiting promises outside of constructors refactor: adjusted logic such that the requests/responses are defined in the AbstractModule and creating an initHandlers helper method that can be triggered on the module to await the existing initHandler promise that was previously wrapped in deasyncPromise refactor: adjusted logging behavior such that the AbstractModule can log the initialization and initialization duration messages refactor: adjusted the CitrineOSServer to trigger initSystem() during the async initialize() that is triggered post constructor initialization via run(), made initSystem() async and made, created helper methods to initialize the individual modules, and fixed initModule helper to invoke one of the individual module initialization helpers. Individual module initialization methods are now also async and will await initHandlersAndAddModule helper method which will trigger and await the new initHandlers method in the AbstractModule, thereby allowing the promises to be awaited outside of the constructors chore: removing Timer class entirely and simplifying how we computed the initialization duration captured solely within AbstractModule class via single startTime variable chore: removing getSync and setSync along with todo as these methods are no longer used and are only other place where deasyncPromise was used

# Conflicts:
#	02_Util/package.json
#	Server/deploy.Dockerfile
#	Server/local.Dockerfile
#	Server/package.json
feat: created PasswordHashAlgorithm interface and Pbkdf2 implementati…
20d435d 
…on and persisting keyLen and digest as part of the hashed PW
@thanaParis
merging paths
22d6387 
Signed-off-by: thanaParis <thana.paris@s44.team>
@elliot-sabitov
Copy link
Contributor Author

Tests were fixed 👍

Merge branch 'rc-1.6.0' into feature/60-replace-bcrypt
e443b95 
* rc-1.6.0:
  updating dockerfiles to use node 22
  increasing node version for all github action pipelines to match new requirement of >=22.x
  satifying linter, no hanging promises
  feat: updating typescript to newer version feat: moving more shared dependencies to Base so that they can be picked up transitively feat: updating eslint dependencies fix: linting issues that came up after updating eslint
  feat: upgraded fastify to latest version feat: updated NodeJS version to latest LTS 22.11.0 fix: fixed vulnerabilities by updated other dependencies chore: renamed npm run fresh-and-install-all to npm run fi
  feature/handle-meter-value-cost-update

# Conflicts:
#	01_Data/package.json
#	Server/package.json
@yuvenus
Copy link

yuvenus commented Dec 27, 2024

FYI working so far on windows 11 as well 👀🙏

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ChrisWeissmann ChrisWeissmann ChrisWeissmann left review comments

@thanaParis thanaParis Awaiting requested review from thanaParis

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@elliot-sabitov @yuvenus @ChrisWeissmann @thanaParis