From 93abe78f573f168f312f48bb5f2636146975903a Mon Sep 17 00:00:00 2001 From: idoctnef Date: Wed, 28 Sep 2016 20:41:41 +0200 Subject: [PATCH] hash of passwords with md5 done --- controllers/userController.js | 8 ++++++-- package.json | 3 ++- 2 files changed, 8 insertions(+), 3 deletions(-) diff --git a/controllers/userController.js b/controllers/userController.js index f7d4401..9e86f43 100644 --- a/controllers/userController.js +++ b/controllers/userController.js @@ -2,6 +2,8 @@ var mongoose = require('mongoose'); var userModel = mongoose.model('userModel'); +var md5 = require('md5'); + /* */ var jwt = require('jsonwebtoken'); // used to create, sign, and verify tokens var express = require("express"); @@ -70,7 +72,7 @@ exports.addUser = function(req, res) { var user = new userModel({ username: req.body.username, - password: req.body.password, + password: md5(req.body.password), description: req.body.description, avatar: req.body.avatar, mail: req.body.mail, @@ -88,7 +90,7 @@ exports.addUser = function(req, res) { exports.updateUser = function(req, res) { userModel.findById(req.params.id, function(err, user) { user.username = req.body.username; - user.password = req.body.password; + user.password = md5(req.body.password); user.description = req.body.description; user.avatar = req.body.avatar; user.mail = req.body.mail; @@ -128,6 +130,8 @@ exports.login = function(req, res) { res.json({ success: false, message: 'Authentication failed. User not found.' }); } else if (user) { + req.body.password=md5(req.body.password); + // check if password matches if (user.password != req.body.password) { res.json({ success: false, message: 'Authentication failed. Wrong password.' }); diff --git a/package.json b/package.json index 48d6fa8..1470270 100644 --- a/package.json +++ b/package.json @@ -12,6 +12,7 @@ "jsonwebtoken": "latest", "method-override": "^2.1.2", "mongoose": "latest", - "morgan": "latest" + "morgan": "latest", + "md5": "latest" } }