From 1e55a648a5572e0985620032971f5cddeea10bbf Mon Sep 17 00:00:00 2001 From: Joe Previte Date: Mon, 7 Jun 2021 15:45:11 -0700 Subject: [PATCH] feat: check for empty str in isHashMatch --- src/node/cli.ts | 8 ++++++++ src/node/util.ts | 24 ++++++++++++++++-------- test/unit/node/util.test.ts | 16 ++++++++++++++-- yarn.lock | 22 +--------------------- 4 files changed, 39 insertions(+), 31 deletions(-) diff --git a/src/node/cli.ts b/src/node/cli.ts index 144e4548..a2fac418 100644 --- a/src/node/cli.ts +++ b/src/node/cli.ts @@ -263,6 +263,7 @@ export const parse = ( if (opts?.configFile) { msg = `error reading ${opts.configFile}: ${msg}` } + return new Error(msg) } @@ -286,6 +287,13 @@ export const parse = ( const split = splitOnFirstEquals(arg.replace(/^--/, "")) key = split[0] as keyof Args value = split[1] + } else { + const short = arg.replace(/^-/, "") + const pair = Object.entries(options).find(([, v]) => v.short === short) + if (pair) { + key = pair[0] as keyof Args + } + } if (!key || !options[key]) { throw error(`Unknown option ${arg}`) diff --git a/src/node/util.ts b/src/node/util.ts index 6fbabd0f..1b7bcd2c 100644 --- a/src/node/util.ts +++ b/src/node/util.ts @@ -134,6 +134,9 @@ export const hash = async (password: string): Promise => { * Used to verify if the password matches the hash */ export const isHashMatch = async (password: string, hash: string) => { + if (password === "" || hash === "") { + return false + } try { return await argon2.verify(hash, password) } catch (error) { 
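Review bot: In src/node/cli.ts, the `if (!key || !options[key])` check right after the new `else` branch is a truthiness lookup, so on the `--` path, where `key` is raw argument text cast with `as keyof Args`, a name inherited from `Object.prototype` would not be rejected as unknown if `options` is a plain object literal (its definition is outside this hunk). The added short-flag path is not exposed to this because it only takes keys returned by `Object.entries(options)`. An own-property test would make both paths agree: `if (!key || !Object.prototype.hasOwnProperty.call(options, key)) {`. The body of `parse` continues outside the hunk, so what happens to such a key afterwards is not visible here.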
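Review bot: In src/node/util.ts, the doc comment above `isHashMatch` still reads only "Used to verify if the password matches the hash" and does not record the contract the new guard adds. I would extend it with `* Returns false without calling argon2 when either value is an empty string, so an empty password or hash never verifies.` Separately, the parameter `hash` shadows the exported `hash` function shown in the hunk header; renaming it (for example `hashedPassword`) would keep the two apart. The `try`/`catch` continues outside the hunk.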
@@ -209,11 +212,12 @@ type HandlePasswordValidationArgs = { * Checks if a password is valid and also returns the hash * using the PasswordMethod */ -export async function handlePasswordValidation( - passwordValidationArgs: HandlePasswordValidationArgs, -): Promise { - const { passwordMethod, passwordFromArgs, passwordFromRequestBody, hashedPasswordFromArgs } = passwordValidationArgs - // TODO implement +export async function handlePasswordValidation({ + passwordMethod, + passwordFromArgs, + passwordFromRequestBody, + hashedPasswordFromArgs, +}: HandlePasswordValidationArgs): Promise { const passwordValidation = { isPasswordValid: false, hashedPassword: "", @@ -257,10 +261,14 @@ export type IsCookieValidArgs = { } /** Checks if a req.cookies.key is valid using the PasswordMethod */ -export async function isCookieValid(isCookieValidArgs: IsCookieValidArgs): Promise { +export async function isCookieValid({ + passwordFromArgs = "", + cookieKey, + hashedPasswordFromArgs = "", + passwordMethod, +}: IsCookieValidArgs): Promise { let isValid = false - const { passwordFromArgs = "", cookieKey, hashedPasswordFromArgs = "" } = isCookieValidArgs - switch (isCookieValidArgs.passwordMethod) { + switch (passwordMethod) { case "PLAIN_TEXT": isValid = await isHashMatch(passwordFromArgs, cookieKey) break diff --git a/test/unit/node/util.test.ts b/test/unit/node/util.test.ts index 14a67445..a0679177 100644 --- a/test/unit/node/util.test.ts +++ b/test/unit/node/util.test.ts 
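Review bot: In the `isCookieValid` hunk, `cookieKey` is the only destructured string without a `= ""` default, so a missing value would reach `isHashMatch(passwordFromArgs, cookieKey)` as `undefined` and skip the new `=== ""` guard. Whether that can happen depends on the `IsCookieValidArgs` type and the callers, which are outside this hunk; if the value comes from a request cookie it may well be absent at runtime. Defaulting it the same way, `cookieKey = "",`, would route that case through the guard instead of relying on the `catch` in `isHashMatch`. The `switch` continues outside the hunk.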
@@ -185,6 +185,18 @@ describe("isHashMatch", () => { const actual = await isHashMatch(password, _hash) expect(actual).toBe(true) }) + it("should return false if the password is empty", async () => { + const password = "" + const _hash = "$argon2i$v=19$m=4096,t=3,p=1$EAoczTxVki21JDfIZpTUxg$rkXgyrW4RDGoDYrxBFD4H2DlSMEhP4h+Api1hXnGnFY" + const actual = await isHashMatch(password, _hash) + expect(actual).toBe(false) + }) + it("should return false if the hash is empty", async () => { + const password = "hellowpasssword" + const _hash = "" + const actual = await isHashMatch(password, _hash) + expect(actual).toBe(false) + }) }) describe("hashLegacy", () => { @@ -325,7 +337,7 @@ describe("handlePasswordValidation", () => { }) }) -describe.only("isCookieValid", () => { +describe("isCookieValid", () => { it("should be valid if hashed-password for SHA256 matches cookie.key", async () => { const isValid = await isCookieValid({ passwordMethod: "SHA256", @@ -384,7 +396,7 @@ describe.only("isCookieValid", () => { }) }) -describe.only("sanitizeString", () => { +describe("sanitizeString", () => { it("should return an empty string if passed a type other than a string", () => { expect(sanitizeString({} as string)).toBe("") }) diff --git a/yarn.lock b/yarn.lock index c2071104..677b8fab 100644 --- a/yarn.lock +++ b/yarn.lock @@ -896,7 +896,7 @@ resolved "https://registry.yarnpkg.com/@iarna/toml/-/toml-2.2.5.tgz#b32366c89b43c6f8cefbdefac778b9c828e3ba8c" integrity sha512-trnsAYxU3xnS1gPHPyU961coFyLkh4gAD/0zQ5mymY4yOZ+CYvsPqUbOFSw0aDM4y0tV7tiFxL/1XfXPNC6IPg== -"@mapbox/node-pre-gyp@^1.0.0", "@mapbox/node-pre-gyp@^1.0.1": +"@mapbox/node-pre-gyp@^1.0.1": version "1.0.5" resolved "https://registry.yarnpkg.com/@mapbox/node-pre-gyp/-/node-pre-gyp-1.0.5.tgz#2a0b32fcb416fb3f2250fd24cb2a81421a4f5950" integrity sha512-4srsKPXWlIxp5Vbqz5uLfBN+du2fJChBoYn/f2h991WLdk7jUvcSk/McVLSv/X+xQIPI8eGD5GjrnygdyHnhPA== 
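Review bot: In test/unit/node/util.test.ts, the new "should return false if the password is empty" test would probably still pass with the guard removed, because `_hash` looks like a fixture for a non-empty password and a plain mismatch also yields `false`. Verifying against a hash of the empty string pins the guard itself: `const _hash = await hash("")`, assuming `hash` from src/node/util is imported in this file (the import block is outside the hunk). The same `describe` block could also cover the case where both arguments are empty.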
@@ -1059,13 +1059,6 @@ resolved "https://registry.yarnpkg.com/@tsconfig/node16/-/node16-1.0.1.tgz#a6ca6a9a0ff366af433f42f5f0e124794ff6b8f1" integrity sha512-FTgBI767POY/lKNDNbIzgAX6miIDBs6NTCbdlDb8TrWovHsSvaVIZDlTqym29C6UqhzwcJx4CYr+AlrMywA0cA== -"@types/bcrypt@^5.0.0": - version "5.0.0" - resolved "https://registry.yarnpkg.com/@types/bcrypt/-/bcrypt-5.0.0.tgz#a835afa2882d165aff5690893db314eaa98b9f20" - integrity sha512-agtcFKaruL8TmcvqbndlqHPSJgsolhf/qPWchFlgnW1gECTN/nKbFcoFnvKAQRFfKbh+BO6A3SWdJu9t+xF3Lw== - dependencies: - "@types/node" "*" - "@types/body-parser@*", "@types/body-parser@^1.19.0": version "1.19.0" resolved "https://registry.yarnpkg.com/@types/body-parser/-/body-parser-1.19.0.tgz#0685b3c47eb3006ffed117cdd55164b61f80538f" @@ -1773,14 +1766,6 @@ bcrypt-pbkdf@^1.0.0: dependencies: tweetnacl "^0.14.3" -bcrypt@^5.0.1: - version "5.0.1" - resolved "https://registry.yarnpkg.com/bcrypt/-/bcrypt-5.0.1.tgz#f1a2c20f208e2ccdceea4433df0c8b2c54ecdf71" - integrity sha512-9BTgmrhZM2t1bNuDtrtIMVSmmxZBrJ71n8Wg+YgdjHuIWYF7SjjmCPZFB+/5i/o/PIeRpwVJR3P+NrpIItUjqw== - dependencies: - "@mapbox/node-pre-gyp" "^1.0.0" - node-addon-api "^3.1.0" - binary-extensions@^1.0.0: version "1.13.1" resolved "https://registry.yarnpkg.com/binary-extensions/-/binary-extensions-1.13.1.tgz#598afe54755b2868a5330d2aff9d4ebb53209b65" 
@@ -5432,11 +5417,6 @@ node-addon-api@^3.0.2: resolved "https://registry.yarnpkg.com/node-addon-api/-/node-addon-api-3.2.1.tgz#81325e0a2117789c0128dab65e7e38f07ceba161" integrity sha512-mmcei9JghVNDYydghQmeDX8KoAm0FAiYyIcUt/N4nhyAipB17pllZQDOJD2fotxABnt4Mdz+dKTO7eftLg4d0A== -node-addon-api@^3.1.0: - version "3.2.0" - resolved "https://registry.yarnpkg.com/node-addon-api/-/node-addon-api-3.2.0.tgz#7028b56a7eb572b73873aed731a7f9c9365f5ee4" - integrity sha512-kcwSAWhPi4+QzAtsL2+2s/awvDo2GKLsvMCwNRxb5BUshteXU8U97NCyvQDsGKs/m0He9WcG4YWew/BnuLx++w== - node-fetch@^2.6.1: version "2.6.1" resolved "https://registry.yarnpkg.com/node-fetch/-/node-fetch-2.6.1.tgz#045bd323631f76ed2e2b55573394416b639a0052"