From bd0c7ce04213a297cf13f85ac63de34785796306 Mon Sep 17 00:00:00 2001
From: Philipp Dormann
Date: Sat, 5 Dec 2020 11:18:12 +0100
Subject: [PATCH] =?UTF-8?q?=F0=9F=9A=A7=20CreateAuth=20-=20credential=20va?= =?UTF-8?q?lidation?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

ref #12
---
 src/models/creation/CreateAuth.ts | 26 +++++++++++++++++++-------
 1 file changed, 19 insertions(+), 7 deletions(-)

diff --git a/src/models/creation/CreateAuth.ts b/src/models/creation/CreateAuth.ts
index b2c9727..564d6f5 100644
--- a/src/models/creation/CreateAuth.ts
+++ b/src/models/creation/CreateAuth.ts
@@ -1,7 +1,8 @@
+import * as argon2 from "argon2";
 import { IsEmail, IsOptional, IsString } from 'class-validator';
 import * as jsonwebtoken from 'jsonwebtoken';
 import { getConnectionManager } from 'typeorm';
-import { PasswordNeededError, UserNotFoundError } from '../../errors/AuthError';
+import { InvalidCredentialsError, PasswordNeededError, UserNotFoundError } from '../../errors/AuthError';
 import { UsernameOrEmailNeededError } from '../../errors/UserErrors';
 import { Auth } from '../entities/Auth';
 import { User } from '../entities/User';
@@ -31,12 +32,23 @@ export class CreateAuth {
 throw new UserNotFoundError()
 } else {
 const found_user = found_users[0]
- // TODO: proper jwt creation
- const token = jsonwebtoken.sign({}, "securekey")
- newAuth.access_token = token
- newAuth.refresh_token = token
- newAuth.access_token_expires_at = 1587349200
- newAuth.refresh_token_expires_at = 1587349200
+ console.log(found_user.password);
+ // try {
+ if (await argon2.verify(found_user.password, this.password + found_user.uuid)) {
+ // password match
+ // TODO: proper jwt creation
+ const token = jsonwebtoken.sign({}, "securekey")
+ newAuth.access_token = token
+ newAuth.refresh_token = token
+ newAuth.access_token_expires_at = 1587349200
+ newAuth.refresh_token_expires_at = 1587349200
+ } else {
+ // password did not match
+ throw new InvalidCredentialsError()
+ }
+ // } catch (err) {
+ // // internal failure
+ // }
 }
 
 return newAuth;
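Review bot: The added `console.log(found_user.password);` writes the stored Argon2 hash to the process log on every login attempt for a known user, whether or not the password matches, so anyone with log access obtains the hash; the line should be removed before merge. The try/catch around `argon2.verify` is commented out, so a rejection from verify (which I would expect when the stored value is not a valid encoded hash, worth confirming) propagates as an unhandled error instead of a defined auth or internal error; restore the block with an explicit mapping. The success branch still signs an empty payload with the literal `"securekey"` and a fixed expiry, which the existing TODO covers but which now sits behind a real credential check. The enclosing method starts and ends outside this hunk.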