Authentication (#22)

* Authorization added * added secret to password, md5 hashing, removed promise from verifyToken, deleted links when not authorized * added dbinsert script * turned verifyToken to middleware, added description for dbinsert, added hidden csrf field in auth form * added middlewares, user model and controller * JSDoc fix * wrong password processing fix * added comments to dbinsert script, moved salt and passHash to singe db doc * Moved salt to .env, upgradedscript for generating password was, fixed comments and JSDoc * Deleted using salt (now user is only one), changed verifying password to bcrypt.compare, added httpyOnly property to jwt cookie
2025-07-26 00:29:45 +02:00 · 2019-03-06 13:22:57 +03:00 · 2019-03-06 13:22:57 +03:00 · 58d3892d8f
commit 58d3892d8f
parent 718be6d2f6
33 changed files with 1464 additions and 58 deletions
--- a/src/models/page.js
+++ b/src/models/page.js
@ -89,7 +89,7 @@ class Page {
  /**
   * Return PageData object
   *
-   * @returns {PageData}
+   * @return {PageData}
   */
  get data() {
    return {
--- a/src/models/user.js
+++ b/src/models/user.js
@ -0,0 +1,36 @@
+const { password: db } = require('../utils/database/index');
+
+/**
+ * @class User
+ * @class User model
+ *
+ * @property {string} passHash - hashed password
+ */
+class User {
+  /**
+   * Find and return model of user.
+   * User is only one.
+   *
+   * @returns {Promise<User>}
+   */
+  static async get() {
+    const data = await db.findOne({});
+
+    if (!data) {
+      return null;
+    }
+
+    return new User(data);
+  }
+
+  /**
+   * @constructor
+   *
+   * @param {Object} userData
+   */
+  constructor(userData) {
+    this.passHash = userData.passHash;
+  }
+}
+
+module.exports = User;