From 1f4be16a1de05c3c5019157ba5eb1c7eca1dd2d7 Mon Sep 17 00:00:00 2001 From: Florian Hartwich Date: Tue, 21 Mar 2017 03:53:45 +0100 Subject: [PATCH] Add user password encryption --- project-manager/package.json | 3 ++- project-manager/projects-server/db.json | 6 +++--- .../src/app/services/login-service/login-service.ts | 4 +++- 3 files changed, 8 insertions(+), 5 deletions(-) diff --git a/project-manager/package.json b/project-manager/package.json index e9f2ad2..3eac385 100644 --- a/project-manager/package.json +++ b/project-manager/package.json @@ -11,7 +11,7 @@ "test": "ng test", "pree2e": "webdriver-manager update --standalone false --gecko false", "e2e": "protractor", - "install-server" : "npm install --prefix ./projects-server ./projects-server", + "install-server": "npm install --prefix ./projects-server ./projects-server", "e2e-screenshots": "protractor ./protractor-html-reporter.conf.js", "postinstall": "npm run install-server" }, @@ -33,6 +33,7 @@ "rxjs": "^5.0.1", "socket.io-client": "^1.4.8", "ts-helpers": "^1.1.1", + "ts-md5": "^1.2.0", "zone.js": "^0.7.2" }, "devDependencies": { diff --git a/project-manager/projects-server/db.json b/project-manager/projects-server/db.json index af75b01..8e0ccd8 100644 --- a/project-manager/projects-server/db.json +++ b/project-manager/projects-server/db.json @@ -35,21 +35,21 @@ { "id": 301, "name": "admin", - "password": "admin", + "password": "ff9830c42660c1dd1942844f8069b74a", "edit_tasks": true, "change_settings": true }, { "id" : 302, "name": "user_edit", - "password": "secret", + "password": "ea847988ba59727dbf4e34ee75726dc3", "edit_tasks": true, "change_settings": false }, { "id" : 303, "name": "user", - "password": "secret", + "password": "5ebe2294ecd0e0f08eab7690d2a6ee69", "edit_tasks": false, "change_settings": false } diff --git a/project-manager/src/app/services/login-service/login-service.ts b/project-manager/src/app/services/login-service/login-service.ts index 041041b..3fe5672 100644 --- a/project-manager/src/app/services/login-service/login-service.ts +++ b/project-manager/src/app/services/login-service/login-service.ts @@ -4,6 +4,7 @@ import {Http} from '@angular/http'; import {Observable} from 'rxjs/Observable'; import {UserStore} from '../stores/user.store'; import {SOCKET_IO, AUTH_ENABLED} from '../../app.tokens'; +import {Md5} from 'ts-md5/dist/md5'; const BASE_URL = `http://localhost:3000/api/users`; @@ -34,7 +35,8 @@ export class LoginService { login(name, password) { if (this.getUser(name)) { let user = this.results$[0]; - if (user && user.password === password) { + let passMd5 = Md5.hashStr(password); + if (user && user.password === passMd5) { localStorage.setItem(CURRENT_USER, JSON.stringify(user)); return true; }