gzupanda / code-server
Commit 6020480b (unverified)
Authored Jun 02, 2021 by Joe Previte
feat: add isCookieValid function and tests
Parent: 409b473c
Showing 2 changed files with 86 additions and 1 deletion (+86 -1)
src/node/util.ts (+25 -0)
test/unit/node/util.test.ts (+61 -1)
src/node/util.ts
...
...
@@ -249,6 +249,31 @@ export async function handlePasswordValidation(
return
passwordValidation
}
export
type
IsCookieValidArgs
=
{
passwordMethod
:
PasswordMethod
cookieKey
:
string
hashedPasswordFromArgs
:
string
|
undefined
passwordFromArgs
:
string
|
undefined
}
/** Checks if a req.cookies.key is valid using the PasswordMethod */
export
async
function
isCookieValid
(
isCookieValidArgs
:
IsCookieValidArgs
):
Promise
<
boolean
>
{
let
isValid
=
false
const
{
passwordFromArgs
=
""
,
cookieKey
,
hashedPasswordFromArgs
=
""
}
=
isCookieValidArgs
switch
(
isCookieValidArgs
.
passwordMethod
)
{
case
"
PLAIN_TEXT
"
:
isValid
=
await
isHashMatch
(
passwordFromArgs
,
cookieKey
)
break
case
"
ARGON2
"
:
case
"
SHA256
"
:
isValid
=
safeCompare
(
cookieKey
,
hashedPasswordFromArgs
)
break
default
:
break
}
return
isValid
}
const
mimeTypes
:
{
[
key
:
string
]:
string
}
=
{
"
.aac
"
:
"
audio/x-aac
"
,
"
.avi
"
:
"
video/x-msvideo
"
,
...
...
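Review bot: In isCookieValid, the destructuring defaults `passwordFromArgs = ""` and `hashedPasswordFromArgs = ""` let a missing secret flow into isHashMatch and safeCompare as an empty string, so the result for an unconfigured password depends entirely on how those helpers treat empty input, which this hunk does not show. Suggest returning false up front when the secret required by the selected passwordMethod is undefined or empty, or when cookieKey is empty, and adding a test for that case. For ARGON2 and SHA256 the cookie value is compared directly against the stored hash, which is worth stating in the doc comment because it means the hash itself acts as the session credential. The `default: break` arm can be dropped, since isValid already starts as false.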
test/unit/node/util.test.ts
...
...
@@ -6,6 +6,7 @@ import {
getPasswordMethod
,
hashLegacy
,
isHashLegacyMatch
,
isCookieValid
,
}
from
"
../../../src/node/util
"
describe
(
"
getEnvPaths
"
,
()
=>
{
...
...
@@ -234,7 +235,7 @@ describe("getPasswordMethod", () => {
})
})
describe
.
only
(
"
handlePasswordValidation
"
,
()
=>
{
describe
(
"
handlePasswordValidation
"
,
()
=>
{
it
(
"
should return true with a hashedPassword for a PLAIN_TEXT password
"
,
async
()
=>
{
const
p
=
"
password
"
const
passwordValidation
=
await
handlePasswordValidation
({
...
...
@@ -322,3 +323,62 @@ describe.only("handlePasswordValidation", () => {
expect
(
matchesHash
).
toBe
(
false
)
})
})
describe
.
only
(
"
isCookieValid
"
,
()
=>
{
it
(
"
should be valid if hashed-password for SHA256 matches cookie.key
"
,
async
()
=>
{
const
isValid
=
await
isCookieValid
({
passwordMethod
:
"
SHA256
"
,
cookieKey
:
"
936a185caaa266bb9cbe981e9e05cb78cd732b0b3280eb944412bb6f8f8f07af
"
,
hashedPasswordFromArgs
:
"
936a185caaa266bb9cbe981e9e05cb78cd732b0b3280eb944412bb6f8f8f07af
"
,
passwordFromArgs
:
undefined
,
})
expect
(
isValid
).
toBe
(
true
)
})
it
(
"
should be invalid if hashed-password for SHA256 does not match cookie.key
"
,
async
()
=>
{
const
isValid
=
await
isCookieValid
({
passwordMethod
:
"
SHA256
"
,
cookieKey
:
"
936a185caaa266bb9cbe981e9e05cb78cd732b0b3280eb9442bb6f8f8f07af
"
,
hashedPasswordFromArgs
:
"
936a185caaa266bb9cbe981e9e05cb78cd732b0b3280eb944412bb6f8f8f07af
"
,
passwordFromArgs
:
undefined
,
})
expect
(
isValid
).
toBe
(
false
)
})
it
(
"
should be valid if hashed-password for ARGON2 matches cookie.key
"
,
async
()
=>
{
const
isValid
=
await
isCookieValid
({
passwordMethod
:
"
ARGON2
"
,
cookieKey
:
"
$argon2i$v=19$m=4096,t=3,p=1$0qR/o+0t00hsbJFQCKSfdQ$oFcM4rL6o+B7oxpuA4qlXubypbBPsf+8L531U7P9HYY
"
,
hashedPasswordFromArgs
:
"
$argon2i$v=19$m=4096,t=3,p=1$0qR/o+0t00hsbJFQCKSfdQ$oFcM4rL6o+B7oxpuA4qlXubypbBPsf+8L531U7P9HYY
"
,
passwordFromArgs
:
undefined
,
})
expect
(
isValid
).
toBe
(
true
)
})
it
(
"
should be invalid if hashed-password for ARGON2 does not match cookie.key
"
,
async
()
=>
{
const
isValid
=
await
isCookieValid
({
passwordMethod
:
"
ARGON2
"
,
cookieKey
:
"
$argon2i$v=19$m=4096,t=3,p=1$0qR/o+0t00hsbJFQCKSfdQ$oFcM4rL6o+B7oxpuA4qlXubypbBPsf+8L531U7P9H
"
,
hashedPasswordFromArgs
:
"
$argon2i$v=19$m=4096,t=3,p=1$0qR/o+0t00hsbJFQCKSfdQ$oFcM4rL6o+B7oxpuA4qlXubypbBPsf+8L531U7P9HYY
"
,
passwordFromArgs
:
undefined
,
})
expect
(
isValid
).
toBe
(
false
)
})
it
(
"
should be valid if password for PLAIN_TEXT matches cookie.key
"
,
async
()
=>
{
const
isValid
=
await
isCookieValid
({
passwordMethod
:
"
PLAIN_TEXT
"
,
cookieKey
:
"
$argon2i$v=19$m=4096,t=3,p=1$0qR/o+0t00hsbJFQCKSfdQ$oFcM4rL6o+B7oxpuA4qlXubypbBPsf+8L531U7P9HYY
"
,
passwordFromArgs
:
"
password
"
,
hashedPasswordFromArgs
:
undefined
,
})
expect
(
isValid
).
toBe
(
true
)
})
it
(
"
should be invalid if hashed-password for PLAIN_TEXT does not match cookie.key
"
,
async
()
=>
{
const
isValid
=
await
isCookieValid
({
passwordMethod
:
"
PLAIN_TEXT
"
,
cookieKey
:
"
$argon2i$v=19$m=4096,t=3,p=1$0qR/o+0t00hsbJFQCKSfdQ$oFcM4rL6o+B7oxpuA4qlXubypbBPsf+8L531U7P9H
"
,
passwordFromArgs
:
"
password1234
"
,
hashedPasswordFromArgs
:
undefined
,
})
expect
(
isValid
).
toBe
(
false
)
})
})
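Review bot: `describe.only("isCookieValid", ...)` at the top of the new block should be plain `describe`; with `.only` left in, the test runner executes only this block and skips the other suites in the file. The last case is also titled "should be invalid if hashed-password for PLAIN_TEXT does not match cookie.key", but it passes passwordFromArgs rather than a hashed password, and it changes both the password ("password1234") and the cookie value (a truncated hash), so it does not show which difference causes the rejection; vary one input at a time and rename the case. No case covers an unrecognised passwordMethod or a call where both passwordFromArgs and hashedPasswordFromArgs are undefined.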