From d498a03505844c660e62c2ed9ac757a39fbb922c Mon Sep 17 00:00:00 2001 From: srgooglo Date: Fri, 6 May 2022 12:27:17 +0200 Subject: [PATCH] not decode `password` `username` on passport stratergy --- packages/server/src/index.js | 22 ++++++++++++---------- 1 file changed, 12 insertions(+), 10 deletions(-) diff --git a/packages/server/src/index.js b/packages/server/src/index.js index 047b704c..b0a9982b 100644 --- a/packages/server/src/index.js +++ b/packages/server/src/index.js @@ -1,3 +1,13 @@ +// patches +const { Buffer } = require("buffer") + +global.b64Decode = (data) => { + return Buffer.from(data, "base64").toString("utf-8") +} +global.b64Encode = (data) => { + return Buffer.from(data, "utf-8").toString("base64") +} + Array.prototype.updateFromObjectKeys = function (obj) { this.forEach((value, index) => { if (obj[value] !== undefined) { @@ -16,14 +26,6 @@ import passport from "passport" import { User, Session, Config } from "./models" import jwt from "jsonwebtoken" -const { Buffer } = require("buffer") -const b64Decode = global.b64Decode = (data) => { - return Buffer.from(data, "base64").toString("utf-8") -} -const b64Encode = global.b64Encode = (data) => { - return Buffer.from(data, "utf-8").toString("base64") -} - const ExtractJwt = require("passport-jwt").ExtractJwt const LocalStrategy = require("passport-local").Strategy @@ -188,11 +190,11 @@ class Server { passwordField: "password", session: false }, (username, password, done) => { - User.findOne({ username: b64Decode(username) }).select("+password") + User.findOne({ username }).select("+password") .then((data) => { if (data === null) { return done(null, false, this.options.jwtStrategy) - } else if (!bcrypt.compareSync(b64Decode(password), data.password)) { + } else if (!bcrypt.compareSync(password, data.password)) { return done(null, false, this.options.jwtStrategy) }