trilium/routes/login.js
2017-10-21 21:10:33 -04:00

46 lines
1.3 KiB
JavaScript

"use strict";
const express = require('express');
const router = express.Router();
const utils = require('../services/utils');
const sql = require('../services/sql');
const my_scrypt = require('../services/my_scrypt');
router.get('', (req, res, next) => {
res.render('login', { 'failedAuth': false });
});
router.post('', async (req, res, next) => {
const userName = await sql.getOption('username');
const guessedPassword = req.body.password;
if (req.body.username === userName && await verifyPassword(guessedPassword)) {
const rememberMe = req.body.remember_me;
req.session.regenerate(() => {
if (rememberMe) {
req.session.cookie.maxAge = 21 * 24 * 3600000; // 3 weeks
} else {
req.session.cookie.expires = false;
}
req.session.loggedIn = true;
res.redirect('/');
});
}
else {
res.render('login', {'failedAuth': true});
}
});
async function verifyPassword(guessed_password) {
const hashed_password = utils.fromBase64(await sql.getOption('password_verification_hash'));
const guess_hashed = await my_scrypt.getVerificationHash(guessed_password);
return guess_hashed.equals(hashed_password);
}
module.exports = router;