1
0
Fork 0
mirror of https://github.com/codex-team/codex.docs.git synced 2025-07-18 20:59:42 +02:00

Authentication (#22)

* Authorization added

* added secret to password, md5 hashing, removed promise from verifyToken, deleted links when not authorized

* added dbinsert script

* turned verifyToken to middleware, added description for dbinsert, added hidden csrf field in auth form

* added middlewares, user model and controller

* JSDoc fix

* wrong password processing fix

* added comments to dbinsert script, moved salt and passHash to singe db doc

* Moved salt to .env, upgradedscript for generating password was, fixed comments and JSDoc

* Deleted using salt (now user is only one), changed verifying password to bcrypt.compare, added httpyOnly property to jwt cookie
This commit is contained in:
Timur Kazantaev 2019-03-06 13:22:57 +03:00 committed by GitHub
parent 718be6d2f6
commit 58d3892d8f
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
33 changed files with 1464 additions and 58 deletions

View file

@ -42,3 +42,9 @@ $ yarn lint
```
$ yarn test
```
### Authentication
To manage pages you need to authorize (available on `/auth`).
To generate password use `yarn generatePassword [password]` command.