-
Notifications
You must be signed in to change notification settings - Fork 71
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
ace8647
commit b21c026
Showing
7 changed files
with
85 additions
and
30 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,25 @@ | ||
import { generateSalt, generateDerivedKey } from './key-generation'; | ||
|
||
describe(generateDerivedKey.name, () => { | ||
test('a bcrypt hash is returned', async () => { | ||
const salt = '$2a$12$BwnByfKrfRbpxsazN712T.'; | ||
const password = 'f255cadb0af84854819c63f26c53e1a9'; | ||
const result = await generateDerivedKey({ salt, password }); | ||
expect(result).toEqual('$2a$12$BwnByfKrfRbpxsazN712T.ckDPUEMy2RJR6pyE8kOf2l3IMaxZ7R6'); | ||
}); | ||
}); | ||
|
||
describe(generateSalt.name, () => { | ||
test('that bcrypt salt is returned', async () => { | ||
const salt = await generateSalt(); | ||
expect(salt).toBeDefined(); | ||
expect(salt[0]).toEqual('$'); | ||
expect(salt.length).toEqual(29); | ||
}); | ||
|
||
test('that salt fn is memoized per client', async () => { | ||
const salt1 = await generateSalt(); | ||
const salt2 = await generateSalt(); | ||
expect(salt1).toEqual(salt2); | ||
}); | ||
}); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,9 @@ | ||
import bcryptjs from 'bcryptjs'; | ||
import { memoizeWith, identity } from 'ramda'; | ||
|
||
// 980aa096dd224bd69685583b363de2be | ||
export async function generateDerivedKey({ password, salt }: { password: string; salt: string }) { | ||
return bcryptjs.hash(password, salt); | ||
} | ||
|
||
export const generateSalt = memoizeWith(identity, async () => await bcryptjs.genSalt(12)); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,36 @@ | ||
import zxcvbn, { ZXCVBNResult } from 'zxcvbn'; | ||
import { validatePassword, blankPasswordValidation } from './validate-password'; | ||
|
||
jest.mock('zxcvbn', () => jest.fn(() => ({ score: 4 }))); | ||
|
||
const badPassword = 'password'; | ||
|
||
describe(validatePassword.name, () => { | ||
test('that zxcvbn is called', () => { | ||
validatePassword(badPassword); | ||
expect(zxcvbn).toHaveBeenCalledWith(badPassword); | ||
}); | ||
|
||
test('password of < 12 char length is invalid', () => { | ||
const result = validatePassword(badPassword); | ||
expect(result.meetsLengthRequirement).toBeFalsy(); | ||
}); | ||
|
||
test('really long passwords are truncated to 100chars', () => { | ||
const reallyLongPw = [ | ||
'786293ebd1d043b685cd4d360d5c731d', | ||
'9a47843cdc1b49c0992f7fa63a8c671a', | ||
'd5515430068043fbb7200e6a71f05a42', | ||
'6cfab267043f4265a52120f7174bd553', | ||
'8b94e6678d8440eab7fb4dd0a5eae7ef', | ||
'bdd440b629e34307b1aeebf0722cfccd', | ||
'47c4f0539b7348ed81710cfeb50c1e2a', | ||
'ec57a8cc23334e1e962e6441871626c3', | ||
'4460527a5e10406796b4174c4dd979ed', | ||
] | ||
.join('') | ||
.toString(); | ||
validatePassword(reallyLongPw); | ||
expect(zxcvbn).toHaveBeenCalledWith(reallyLongPw.substr(0, 100)); | ||
}); | ||
}); |
This file was deleted.
Oops, something went wrong.
File renamed without changes.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters