51 lines
1.1 KiB
JavaScript
Raw Normal View History

'use strict';
const bcrypt = require('bcryptjs');
/**
* hashes a password
* @param {string} password - password to hash
* @returns {string} hashed password
*/
const hashPassword = password => bcrypt.hash(password, 10);
/**
* Validate a password
* @param {string} password
* @param {string} hash
* @returns {boolean} is the password valid
*/
const validatePassword = (password, hash) => bcrypt.compare(password, hash);
/**
* Check login credentials
* @param {Object} options
* @param {string} options.email
* @param {string} options.password
*/
const checkCredentials = async ({ email, password }) => {
const user = await strapi.query('user', 'admin').findOne({ email });
if (!user || !user.password) {
return [null, false, { message: 'Invalid credentials' }];
}
const isValid = await validatePassword(password, user.password);
if (!isValid) {
return [null, false, { message: 'Invalid credentials' }];
}
if (!(user.isActive === true)) {
return [null, false, { message: 'User not active' }];
}
return [null, user];
};
module.exports = {
checkCredentials,
validatePassword,
hashPassword,
};