36 lines
916 B
JavaScript
36 lines
916 B
JavaScript
import { createHash, timingSafeEqual } from 'node:crypto';
|
|
import * as config from '../../config.mjs';
|
|
|
|
/**
|
|
* Calculate the SHA256 hash of a password string with a salt.
|
|
* @param {string} password - The password to hash.
|
|
* @returns {string} The SHA256 hash of the password with the salt.
|
|
*/
|
|
export function hashPassword(password) {
|
|
const hasher = createHash('sha256');
|
|
hasher.update(config.secret);
|
|
hasher.update(password);
|
|
return hasher.digest();
|
|
}
|
|
|
|
/**
|
|
* Check if a password is too weak.
|
|
* @param {string} password - The password to check.
|
|
* @returns {boolean} true if the password is too weak.
|
|
*/
|
|
export function isWeakPassword(password) {
|
|
if (password.length > 8) {
|
|
return false;
|
|
}
|
|
|
|
if (password.length < 6) {
|
|
return true;
|
|
}
|
|
|
|
const weak_passwords = ['123456', '111111', '666666', '12345678', '88888888'];
|
|
if (weak_passwords.includes(password)) {
|
|
return true;
|
|
}
|
|
return false;
|
|
}
|