From 3aeb9dd0f17e8abdaaec37258bdf6b6dd2b22950 Mon Sep 17 00:00:00 2001
From: joseji
Date: Tue, 22 Nov 2022 11:12:07 +0100
Subject: [PATCH] fixes added
---
 .../src/graphql/resolver/UserResolver.test.ts | 24 +++++++++++++++++++
 backend/src/password/EncryptorUtils.ts | 2 ++
 backend/src/password/PasswordEncryptor.ts | 4 ++--
 .../0053-change_password_encryption.ts | 2 ++
 4 files changed, 30 insertions(+), 2 deletions(-)
diff --git a/backend/src/graphql/resolver/UserResolver.test.ts b/backend/src/graphql/resolver/UserResolver.test.ts
index 4e05aadd6..377dfa131 100644
--- a/backend/src/graphql/resolver/UserResolver.test.ts
+++ b/backend/src/graphql/resolver/UserResolver.test.ts
@@ -39,6 +39,7 @@ import { bobBaumeister } from '@/seeds/users/bob-baumeister'
 import { encryptPassword } from '@/password/PasswordEncryptor'
 import { PasswordEncryptionType } from '../enum/PasswordEncryptionType'
 import { SecretKeyCryptographyCreateKey } from '@/password/EncryptorUtils'
+import { tokenToString } from 'typescript'
 // import { klicktippSignIn } from '@/apis/KlicktippController'
@@ -1220,6 +1221,29 @@ describe('UserResolver', () => {
 }),
 )
 })
+
+ it('can login after password change', async () => {
+ resetToken()
+ expect(await mutate({ mutation: login, variables: variables })).toEqual(
+ expect.objectContaining({
+ data: {
+ login: {
+ email: 'bibi@bloxberg.de',
+ firstName: 'Bibi',
+ hasElopage: false,
+ id: expect.any(Number),
+ isAdmin: null,
+ klickTipp: {
+ newsletterState: false,
+ },
+ language: 'de',
+ lastName: 'Bloxberg',
+ publisherId: 1234,
+ },
+ },
+ }),
+ )
+ })
 })
 })
 })
diff --git a/backend/src/password/EncryptorUtils.ts b/backend/src/password/EncryptorUtils.ts
index 2ca47109d..971b6a32e 100644
--- a/backend/src/password/EncryptorUtils.ts
+++ b/backend/src/password/EncryptorUtils.ts
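Review bot: The added `import { tokenToString } from 'typescript'` in the first hunk of UserResolver.test.ts is not referenced by anything this patch adds; the new test calls `resetToken()`, not `tokenToString`. It looks like an editor auto-import, and it makes the resolver test file load the TypeScript compiler package for no purpose. Drop the line unless a use exists outside the visible hunks.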
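Review bot: The new case 'can login after password change' asserts only the successful path, and `variables` is assigned outside the hunk, so it is not visible here that the changed password is the one being sent. For a change to how passwords are encrypted, the regression worth pinning is also the negative one: a login with the previous password must now fail, and the stored `passwordEncryptionType` should have the expected value after the change. I would add a sibling case, for example `it('rejects the old password after password change', ...)`, that expects an `errors` entry rather than `data.login`. The enclosing `describe` blocks start outside the hunk.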
@@ -53,6 +53,7 @@ export const SecretKeyCryptographyCreateKey = (salt: string, password: string):
 export const getUserCryptographicSalt = (dbUser: User): string => {
 switch (dbUser.passwordEncryptionType) {
 case PasswordEncryptionType.NO_PASSWORD: {
+ logger.error('Password not set for user ' + dbUser.id)
 throw new Error('Password not set for user ' + dbUser.id) // user has no password
 }
 case PasswordEncryptionType.EMAIL: {
@@ -64,6 +65,7 @@ export const getUserCryptographicSalt = (dbUser: User): string => {
 break
 }
 default:
+ logger.error(`Unknown password encryption type: ${dbUser.passwordEncryptionType}`)
 throw new Error(`Unknown password encryption type: ${dbUser.passwordEncryptionType}`)
 }
 }
diff --git a/backend/src/password/PasswordEncryptor.ts b/backend/src/password/PasswordEncryptor.ts
index 2c6ebfb0f..3dc0736df 100644
--- a/backend/src/password/PasswordEncryptor.ts
+++ b/backend/src/password/PasswordEncryptor.ts
@@ -3,8 +3,8 @@ import { User } from '@entity/User'
 import { getUserCryptographicSalt, SecretKeyCryptographyCreateKey } from './EncryptorUtils'
 export const encryptPassword = (dbUser: User, password: string): bigint => {
- const basicKey = getUserCryptographicSalt(dbUser)
- const keyBuffer = SecretKeyCryptographyCreateKey(basicKey, password) // return short and long hash
+ const salt = getUserCryptographicSalt(dbUser)
+ const keyBuffer = SecretKeyCryptographyCreateKey(salt, password) // return short and long hash
 const passwordHash = keyBuffer[0].readBigUInt64LE()
 return passwordHash
 }
diff --git a/database/migrations/0053-change_password_encryption.ts b/database/migrations/0053-change_password_encryption.ts
index 0c8632186..635109430 100644
--- a/database/migrations/0053-change_password_encryption.ts
+++ b/database/migrations/0053-change_password_encryption.ts
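Review bot: Both added `logger.error(...)` calls, in the `NO_PASSWORD` branch here and in the `default:` branch of the next EncryptorUtils.ts hunk, repeat the message literal of the `throw` that follows, so the logged text and the thrown text can drift apart on the next edit. Build the message once in each branch: `const message = 'Password not set for user ' + dbUser.id`, then `logger.error(message)` and `throw new Error(message)`. The diff adds no import for `logger`, so it presumably already exists in this file; that needs confirming because the imports and the rest of `getUserCryptographicSalt` lie outside the hunks. If a caller further up also logs the thrown error, each failure on this path will now be recorded twice.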
@@ -13,6 +13,8 @@ export async function upgrade(queryFn: (query: string, values?: any[]) => Promis
 await queryFn(
 'ALTER TABLE users ADD COLUMN password_encryption_type int(10) NOT NULL DEFAULT 0 AFTER password;',
 )
+ await queryFn(`UPDATE users SET password_encryption_type = 1 WHERE id IN
+ (SELECT user_id FROM user_contacts WHERE email_checked = 1)`)
 }
 export async function downgrade(queryFn: (query: string, values?: any[]) => Promise>) {
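Review bot: The added `UPDATE` selects rows by `user_contacts.email_checked = 1`, which is a proxy for "has a stored password" rather than the fact itself. Assuming 0 and 1 correspond to `PasswordEncryptionType.NO_PASSWORD` and `EMAIL` (the enum is not shown in this diff), any user who has a password but no checked contact stays at 0 and would hit the 'Password not set for user' error in `getUserCryptographicSalt` at login, while a checked contact without a password is marked as type 1. I would select on the `password` column itself, or state in a comment why email verification is equivalent, and name the enum member next to the literal, e.g. `// 1 = PasswordEncryptionType.EMAIL`. The body of `downgrade` is outside the hunk, so whether it reverts the column is not visible.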