From 1e9e4cdf943e4cf90dc2c5f78acf6de9ab586c69 Mon Sep 17 00:00:00 2001
From: arnaucode <idoctnef@openmailbox.org>
Date: Sun, 23 Oct 2016 12:14:53 +0200
Subject: [PATCH] hash of password passed from md5 to sha256

---
 controllers/userController.js | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/controllers/userController.js b/controllers/userController.js
index f775807..e110394 100644
--- a/controllers/userController.js
+++ b/controllers/userController.js
@@ -10,6 +10,8 @@ var express         = require("express");
 var app             = express();
 var config = require('../config'); // get our config file
 app.set('superSecret', config.secret); // secret variable
+
+var crypto = require('crypto');
 /* */
 
 //GET - Return all Users in the DB
@@ -75,7 +77,7 @@ exports.addUser = function(req, res) {
 
 	var user = new userModel({
 		username: req.body.username,
-		password: md5(req.body.password),
+		password: crypto.createHash('sha256').update(req.body.password).digest('base64'),
 	    description:   req.body.description,
 	    avatar:   req.body.avatar,
 	    mail:   req.body.mail,
@@ -237,7 +239,7 @@ exports.login = function(req, res) {
       res.json({ success: false, message: 'Authentication failed. User not found.' });
     } else if (user) {
 
-			req.body.password=md5(req.body.password);
+			req.body.password=crypto.createHash('sha256').update(req.body.password).digest('base64');
 
       // check if password matches
       if (user.password != req.body.password) {