44var mongoose = require ( 'mongoose' ) ,
55 Schema = mongoose . Schema ,
66 crypto = require ( 'crypto' ) ,
7+ scrypt = require ( 'scrypt' ) ,
78 _ = require ( 'underscore' ) ,
89 authTypes = [ 'github' , 'twitter' , 'facebook' , 'google' ] ;
910
@@ -17,7 +18,6 @@ var UserSchema = new Schema({
1718 username : String ,
1819 provider : String ,
1920 hashed_password : String ,
20- salt : String ,
2121 facebook : { } ,
2222 twitter : { } ,
2323 github : { } ,
@@ -29,7 +29,6 @@ var UserSchema = new Schema({
2929 */
3030UserSchema . virtual ( 'password' ) . set ( function ( password ) {
3131 this . _password = password ;
32- this . salt = this . makeSalt ( ) ;
3332 this . hashed_password = this . encryptPassword ( password ) ;
3433} ) . get ( function ( ) {
3534 return this . _password ;
@@ -92,18 +91,9 @@ UserSchema.methods = {
9291 * @api public
9392 */
9493 authenticate : function ( plainText ) {
95- return this . encryptPassword ( plainText ) === this . hashed_password ;
94+ return scrypt . verifyHashSync ( this . hashed_password , plainText ) ;
9695 } ,
9796
98- /**
99- * Make salt
100- *
101- * @return {String }
102- * @api public
103- */
104- makeSalt : function ( ) {
105- return Math . round ( ( new Date ( ) . valueOf ( ) * Math . random ( ) ) ) + '' ;
106- } ,
10797
10898 /**
10999 * Encrypt password
@@ -114,8 +104,10 @@ UserSchema.methods = {
114104 */
115105 encryptPassword : function ( password ) {
116106 if ( ! password ) return '' ;
117- return crypto . createHmac ( 'sha1' , this . salt ) . update ( password ) . digest ( 'hex' ) ;
107+ var maxtime = 0.1 ;
108+ return scrypt . passwordHashSync ( password , maxtime ) ;
109+ //return crypto.createHmac('sha1', this.salt).update(password).digest('hex');
118110 }
119111} ;
120112
121- mongoose . model ( 'User' , UserSchema ) ;
113+ mongoose . model ( 'User' , UserSchema ) ;
0 commit comments