1234567891011121314151617181920212223242526272829303132333435363738394041424344454647 |
- var scrypt = require("scrypt");
-
- module.exports = function(ctx) {
- ctx.getPostData(function(err, data) {
- if (err)
- return ctx.fail(err);
-
- if (!data.username || !data.password)
- return ctx.fail("You must provide a username and a password.");
-
- ctx.db.query(
- "SELECT id, username, pass_hash "+
- "FROM users "+
- "WHERE username=$1",
- [data.username],
- queryCallback
- );
- });
-
- function queryCallback(err, res) {
- if (err)
- return ctx.fail(err);
-
- var user = res.rows[0];
-
- ctx.session.loggedIn = true;
- ctx.session.userId = user.id;
- ctx.session.username = user.username;
-
- if (!user)
- return ctx.fail("Wrong username or password.");
-
- scrypt.verify(
- new Buffer(user.pass_hash, "hex"),
- new Buffer(ctx.postData.data.password),
- function(err, success) {
- if (success) {
- ctx.succeed({
- id: user.id
- })
- } else {
- ctx.fail("Wrong username or password.");
- }
- }
- );
- }
- }
|