Skip to content

Commit

Permalink
fix(authentication-local): Allow to hash passwords in array data (#1936)
Browse files Browse the repository at this point in the history
  • Loading branch information
daffl authored Apr 29, 2020
1 parent d925c1b commit 64705f5
Show file tree
Hide file tree
Showing 3 changed files with 32 additions and 5 deletions.
21 changes: 16 additions & 5 deletions packages/authentication-local/src/hooks/hash-password.ts
Original file line number Diff line number Diff line change
Expand Up @@ -24,10 +24,9 @@ export default function hashPassword (field: string, options: HashPasswordOption
}

const { app, data, params } = context;
const password = get(data, field);

if (data === undefined || password === undefined) {
debug(`hook.data or hook.data.${field} is undefined. Skipping hashPassword hook.`);
if (data === undefined) {
debug(`hook.data is undefined. Skipping hashPassword hook.`);
return context;
}

Expand All @@ -44,9 +43,21 @@ export default function hashPassword (field: string, options: HashPasswordOption
throw new BadRequest(`Could not find '${strategy}' strategy to hash password`);
}

const hashedPassword: string = await localStrategy.hashPassword(password, params);
const addHashedPassword = async (data: any) => {
const password = get(data, field);

context.data = set(cloneDeep(data), field, hashedPassword);
if (password === undefined) {
debug(`hook.data.${field} is undefined, not hashing password`);
return data;
}

const hashedPassword: string = await localStrategy.hashPassword(password, params);

return set(cloneDeep(data), field, hashedPassword);
}

context.data = Array.isArray(data) ? await Promise.all(data.map(addHashedPassword)) :
await addHashedPassword(data);

return context;
};
Expand Down
1 change: 1 addition & 0 deletions packages/authentication-local/test/fixture.js
Original file line number Diff line number Diff line change
Expand Up @@ -25,6 +25,7 @@ module.exports = (app = feathers()) => {

app.use('/authentication', authentication);
app.use('/users', memory({
multi: [ 'create' ],
paginate: {
default: 10,
max: 20
Expand Down
15 changes: 15 additions & 0 deletions packages/authentication-local/test/hooks/hash-password.test.ts
Original file line number Diff line number Diff line change
Expand Up @@ -89,6 +89,21 @@ describe('@feathersjs/authentication-local/hooks/hash-password', () => {
assert.notStrictEqual(user.password, password);
});

it('hashes password on array data', async () => {
const password = 'supersecret';

const users = await app.service('users').create([{
email: 'dave@hashpassword.com',
password
}, {
email: 'dave2@hashpassword.com',
password: 'secret2'
}]);

assert.notStrictEqual(users[0].password, password);
assert.notStrictEqual(users[1].password, 'secret2');
});

it('does nothing when field is not present', async () => {
const user = await app.service('users').create({
email: 'dave@hashpassword.com'
Expand Down

0 comments on commit 64705f5

Please sign in to comment.