🚧 CreateAuth - credential validation

ref #12

src/models/creation/CreateAuth.ts

@@ -1,7 +1,8 @@
+import * as argon2 from "argon2";
 import { IsEmail, IsOptional, IsString } from 'class-validator';
 import * as jsonwebtoken from 'jsonwebtoken';
 import { getConnectionManager } from 'typeorm';
-import { PasswordNeededError, UserNotFoundError } from '../../errors/AuthError';
+import { InvalidCredentialsError, PasswordNeededError, UserNotFoundError } from '../../errors/AuthError';
 import { UsernameOrEmailNeededError } from '../../errors/UserErrors';
 import { Auth } from '../entities/Auth';
 import { User } from '../entities/User';
@@ -31,12 +32,23 @@ export class CreateAuth {
             throw new UserNotFoundError()
         } else {
             const found_user = found_users[0]
-            // TODO: proper jwt creation
+            console.log(found_user.password);
-            const token = jsonwebtoken.sign({}, "securekey")
+            // try {
-            newAuth.access_token = token
+            if (await argon2.verify(found_user.password, this.password + found_user.uuid)) {
-            newAuth.refresh_token = token
+                // password match
-            newAuth.access_token_expires_at = 1587349200
+                // TODO: proper jwt creation
-            newAuth.refresh_token_expires_at = 1587349200
+                const token = jsonwebtoken.sign({}, "securekey")
+                newAuth.access_token = token
+                newAuth.refresh_token = token
+                newAuth.access_token_expires_at = 1587349200
+                newAuth.refresh_token_expires_at = 1587349200
+            } else {
+                // password did not match
+                throw new InvalidCredentialsError()
+            }
+            //   } catch (err) {
+            //     // internal failure
+            //   }
 
         }
         return newAuth;