github/meteor
1
1
Fork 0
mirror of https://github.com/meteor/meteor.git synced 2026-05-02 03:01:46 -04:00
Code Issues Packages Projects Releases Wiki Activity

Semi-expose password hashing

Browse Source 
See #3410.
This commit is contained in:
David Glasser
2015-01-13 19:12:17 -08:00
committed by ekatek
parent f446fbc292
commit 4ba315d2f6
1 changed files with 7 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
packages/accounts-password/password_client.js
View File

@@ -25,7 +25,7 @@ Meteor.loginWithPassword = function (selector, password, callback) {
Accounts.callLoginMethod({
methodArguments: [{
user: selector,
password: hashPassword(password)
password: Accounts._hashPassword(password)
}],
userCallback: function (error, result) {
if (error && error.error === 400 &&
@@ -57,7 +57,7 @@ Meteor.loginWithPassword = function (selector, password, callback) {
});
};
var hashPassword = function (password) {
Accounts._hashPassword = function (password) {
return {
digest: SHA256(password),
algorithm: "sha-256"
@@ -85,7 +85,7 @@ var srpUpgradePath = function (options, callback) {
methodArguments: [{
user: options.userSelector,
srp: SHA256(details.identity + ":" + options.plaintextPassword),
password: hashPassword(options.plaintextPassword)
password: Accounts._hashPassword(options.plaintextPassword)
}],
userCallback: callback
});
@@ -116,7 +116,7 @@ Accounts.createUser = function (options, callback) {
}
// Replace password with the hashed password.
options.password = hashPassword(options.password);
options.password = Accounts._hashPassword(options.password);
Accounts.callLoginMethod({
methodName: 'createUser',
@@ -156,7 +156,8 @@ Accounts.changePassword = function (oldPassword, newPassword, callback) {
Accounts.connection.apply(
'changePassword',
[oldPassword ? hashPassword(oldPassword) : null, hashPassword(newPassword)],
[oldPassword ? Accounts._hashPassword(oldPassword) : null,
Accounts._hashPassword(newPassword)],
function (error, result) {
if (error || !result) {
if (error && error.error === 400 &&
@@ -234,7 +235,7 @@ Accounts.resetPassword = function(token, newPassword, callback) {
Accounts.callLoginMethod({
methodName: 'resetPassword',
methodArguments: [token, hashPassword(newPassword)],
methodArguments: [token, Accounts._hashPassword(newPassword)],
userCallback: callback});
};