Remove couch-pwd dependency

Replaces couch-pwd dependency with local code. No other changes. Fixes colinskow#202, Fixes colinskow#64, Related to colinskow#197.
gingko · Jan 8, 2020 · 7bf5626 · 7bf5626
1 parent 8e7c7c1
commit 7bf5626
Show file tree

Hide file tree

Showing 2 changed files with 29 additions and 20 deletions.
diff --git a/lib/util.js b/lib/util.js
@@ -3,9 +3,14 @@
 var BPromise = require('bluebird');
 var URLSafeBase64 = require('urlsafe-base64');
 var uuid = require('uuid');
-var pwd = require('couch-pwd');
 var crypto = require('crypto');
 
+var keylen = 20;
+var size = 16;
+var iterations = 10;
+var encoding = 'hex';
+var digest = 'SHA1';
+
 exports.URLSafeUUID = function() {
   return URLSafeBase64.encode(uuid.v4(null, new Buffer(16)));
 };
@@ -16,37 +21,42 @@ exports.hashToken = function(token) {
 
 exports.hashPassword = function (password) {
   return new BPromise(function (resolve, reject) {
-    pwd.hash(password, function (err, salt, hash) {
-      if (err) {
-        return reject(err);
-      }
-      return resolve({
-        salt: salt,
-        derived_key: hash
+    crypto.randomBytes(size, function(err, salt) {
+      if (err) return reject(err);
+
+      salt = salt.toString('hex');
+
+      crypto.pbkdf2(password, salt, iterations, keylen, digest, function(err, hash){
+        if (err) return reject(err);
+
+        return resolve({ salt: salt, derived_key: hash.toString(encoding)});
       });
     });
   });
 };
 
 exports.verifyPassword = function (hashObj, password) {
-  var getHash = BPromise.promisify(pwd.hash, {context: pwd});
-  var iterations = hashObj.iterations;
   var salt = hashObj.salt;
+  var iterations = hashObj.iterations || 10;
+
   var derived_key = hashObj.derived_key;
-  if (iterations) {
-    pwd.iterations(iterations);
-  }
   if(!salt || !derived_key) {
     return BPromise.reject(false);
   }
-  return getHash(password, salt)
-    .then(function (hash) {
-      if (hash === derived_key) {
-        return BPromise.resolve(true);
+
+  return new BPromise(function (resolve, reject) {
+    crypto.pbkdf2(password, salt, iterations, keylen, digest, function(err, hash) {
+      if (err) {
+        return reject(false);
+      }
+
+      if (hash.toString(encoding) === derived_key) {
+        return resolve(true);
       } else {
-        return BPromise.reject(false);
+        return reject(false);
       }
     });
+  });
 };
 
 exports.getDBURL = function(db) {
@@ -224,4 +234,4 @@ exports.arrayUnion = function (a, b) {
     }
   }
   return result;
-};
+};
diff --git a/package.json b/package.json
@@ -34,7 +34,6 @@
   "homepage": "https://github.com/colinskow/superlogin",
   "dependencies": {
     "bluebird": "^3.3.4",
-    "couch-pwd": "github:zeMirco/couch-pwd",
     "ejs": "^2.3.1",
     "express": "^4.13.3",
     "extend": "^3.0.0",