pnpm@10.7, node@23, argon->@node-rs/argon2

2025-03-28 21:04:50 +01:00
parent 93e0cdf577
commit 78dcad0857
15 changed files with 5878 additions and 4487 deletions
--- a/src/middlewares/ScanAuth.ts
+++ b/src/middlewares/ScanAuth.ts
@@ -1,4 +1,4 @@
-import * as argon2 from "argon2";
+import { verify } from '@node-rs/argon2';
 import { Request, Response } from 'express';
 import { getConnectionManager } from 'typeorm';
 import { ScanStation } from '../models/entities/ScanStation';
@@ -58,7 +58,7 @@ const ScanAuth = async (req: Request, res: Response, next: () => void) => {
        if (station.enabled == false) {
            res.status(401).send({ http_code: 401, short: "station_disabled", message: "Station is disabled." });
        }
-        if (!(await argon2.verify(station.key, provided_token))) {
+        if (!(await verify(station.key, provided_token))) {
            res.status(401).send({ http_code: 401, short: "invalid_token", message: "Api token non-existent or invalid syntax." });
            return;
        }
--- a/src/middlewares/StatsAuth.ts
+++ b/src/middlewares/StatsAuth.ts
@@ -1,4 +1,4 @@
-import * as argon2 from "argon2";
+import { verify } from '@node-rs/argon2';
 import { Request, Response } from 'express';
 import { getConnectionManager } from 'typeorm';
 import { StatsClient } from '../models/entities/StatsClient';
@@ -55,7 +55,7 @@ const StatsAuth = async (req: Request, res: Response, next: () => void) => {
        }
    }
    else {
-        if (!(await argon2.verify(client.key, provided_token))) {
+        if (!(await verify(client.key, provided_token))) {
            res.status(401).send("Api token invalid.");
            return;
        }
--- a/src/models/actions/ResetPassword.ts
+++ b/src/models/actions/ResetPassword.ts
@@ -1,4 +1,4 @@
-import * as argon2 from "argon2";
+import { hash } from '@node-rs/argon2';
 import { IsNotEmpty, IsOptional, IsString } from 'class-validator';
 import * as jsonwebtoken from 'jsonwebtoken';
 import { getConnectionManager } from 'typeorm';
@@ -49,7 +49,7 @@ export class ResetPassword {
        if (found_user.refreshTokenCount !== decoded["refreshTokenCount"]) { throw new RefreshTokenCountInvalidError(); }

        found_user.refreshTokenCount = found_user.refreshTokenCount + 1;
-        found_user.password = await argon2.hash(this.password + found_user.uuid);
+        found_user.password = await hash(this.password + found_user.uuid);
        await getConnectionManager().get().getRepository(User).save(found_user);

        return "password reset successfull";
--- a/src/models/actions/create/CreateAuth.ts
+++ b/src/models/actions/create/CreateAuth.ts
@@ -1,4 +1,4 @@
-import * as argon2 from "argon2";
+import { verify } from '@node-rs/argon2';
 import { IsEmail, IsNotEmpty, IsOptional, IsString } from 'class-validator';
 import { getConnectionManager } from 'typeorm';
 import { InvalidCredentialsError, PasswordNeededError, UserDisabledError, UserNotFoundError } from '../../../errors/AuthError';
@@ -56,7 +56,7 @@ export class CreateAuth {
            throw new UserNotFoundError();
        }
        if (found_user.enabled == false) { throw new UserDisabledError(); }
-        if (!(await argon2.verify(found_user.password, this.password + found_user.uuid))) {
+        if (!(await verify(found_user.password, this.password + found_user.uuid))) {
            throw new InvalidCredentialsError();
        }

--- a/src/models/actions/create/CreateScanStation.ts
+++ b/src/models/actions/create/CreateScanStation.ts
@@ -1,4 +1,4 @@
-import * as argon2 from "argon2";
+import { hash } from '@node-rs/argon2';
 import { IsBoolean, IsInt, IsOptional, IsPositive, IsString } from 'class-validator';
 import crypto from 'crypto';
 import { getConnection } from 'typeorm';
@@ -44,7 +44,7 @@ export class CreateScanStation {

        let newUUID = uuid.v4().toUpperCase();
        newStation.prefix = crypto.createHash("sha3-512").update(newUUID).digest('hex').substring(0, 7).toUpperCase();
-        newStation.key = await argon2.hash(newStation.prefix + "." + newUUID);
+        newStation.key = await hash(newStation.prefix + "." + newUUID);
        newStation.cleartextkey = newStation.prefix + "." + newUUID;

        return newStation;
--- a/src/models/actions/create/CreateStatsClient.ts
+++ b/src/models/actions/create/CreateStatsClient.ts
@@ -1,4 +1,4 @@
-import * as argon2 from "argon2";
+import { hash } from '@node-rs/argon2';
 import { IsOptional, IsString } from 'class-validator';
 import crypto from 'crypto';
 import * as uuid from 'uuid';
@@ -25,7 +25,7 @@ export class CreateStatsClient {

        let newUUID = uuid.v4().toUpperCase();
        newClient.prefix = crypto.createHash("sha3-512").update(newUUID).digest('hex').substring(0, 7).toUpperCase();
-        newClient.key = await argon2.hash(newClient.prefix + "." + newUUID);
+        newClient.key = await hash(newClient.prefix + "." + newUUID);
        newClient.cleartextkey = newClient.prefix + "." + newUUID;

        return newClient;
--- a/src/models/actions/create/CreateUser.ts
+++ b/src/models/actions/create/CreateUser.ts
@@ -1,4 +1,4 @@
-import * as argon2 from "argon2";
+import { hash } from "@node-rs/argon2";
 import { passwordStrength } from "check-password-strength";
 import { IsBoolean, IsEmail, IsNotEmpty, IsOptional, IsPhoneNumber, IsString, IsUrl } from 'class-validator';
 import { getConnectionManager } from 'typeorm';
@@ -110,7 +110,7 @@ export class CreateUser {
        newUser.lastname = this.lastname
        newUser.uuid = uuid.v4()
        newUser.phone = this.phone
-        newUser.password = await argon2.hash(this.password + newUser.uuid);
+        newUser.password = await hash(this.password + newUser.uuid);
        newUser.groups = await this.getGroups();
        newUser.enabled = this.enabled;

--- a/src/models/actions/update/UpdateUser.ts
+++ b/src/models/actions/update/UpdateUser.ts
@@ -1,4 +1,4 @@
-import * as argon2 from "argon2";
+import { hash } from '@node-rs/argon2';
 import { passwordStrength } from "check-password-strength";
 import { IsBoolean, IsEmail, IsInt, IsNotEmpty, IsOptional, IsPhoneNumber, IsString, IsUrl } from 'class-validator';
 import { getConnectionManager } from 'typeorm';
@@ -111,7 +111,7 @@ export class UpdateUser {
            if (!password_strength.contains.includes("lowercase")) { throw new PasswordMustContainLowercaseLetterError(); }
            if (!password_strength.contains.includes("number")) { throw new PasswordMustContainNumberError(); }
            if (!(password_strength.length > 9)) { throw new PasswordTooShortError(); }
-            user.password = await argon2.hash(this.password + user.uuid);
+            user.password = await hash(this.password + user.uuid);
            user.refreshTokenCount = user.refreshTokenCount + 1;
        }

--- a/src/seeds/SeedUsers.ts
+++ b/src/seeds/SeedUsers.ts
@@ -1,4 +1,4 @@
-import * as argon2 from "argon2";
+import { hash } from '@node-rs/argon2';
 import { Connection } from 'typeorm';
 import { Factory, Seeder } from 'typeorm-seeding';
 import * as uuid from 'uuid';
@@ -33,7 +33,7 @@ export default class SeedUsers implements Seeder {
        initialUser.lastname = "demo";
        initialUser.username = "demo";
        initialUser.uuid = uuid.v4();
-        initialUser.password = await argon2.hash("demo" + initialUser.uuid);
+        initialUser.password = await hash("demo" + initialUser.uuid);
        initialUser.email = "demo@dev.lauf-fuer-kaya.de"
        initialUser.groups = [group];
        return await connection.getRepository(User).save(initialUser);