updated constructor to make it easier

MattPlayGamez · Dec 12, 2024 · ba758e4 · ba758e4
1 parent 037158c
commit ba758e4
Show file tree

Hide file tree

Showing 8 changed files with 48 additions and 70 deletions.
diff --git a/file.js b/file.js
@@ -48,25 +48,17 @@ function loadUsersFromFile(filePath, password) {
 
 class Authenticator {
 
-    /**
-     * Constructor for the Authenticator class
-     * @param {string} QR_LABEL - label for the QR code
-     * @param {number} rounds - number of rounds for bcrypt
-     * @param {string} JWT_SECRET_KEY - secret key for signing JWTs
-     * @param {object} JWT_OPTIONS - options for JWTs such as expiresIn
-     * @param {number} maxLoginAttempts - maximum number of login attempts
-     * @param {string} DB_FILE_PATH - path to the file where the users are stored
-     * @param {string} DB_PASSWORD - password to decrypt the file
-     */
-    constructor(QR_LABEL, rounds, JWT_SECRET_KEY, JWT_OPTIONS, maxLoginAttempts, DB_FILE_PATH, DB_PASSWORD) {
-        this.QR_LABEL = QR_LABEL;
-        this.rounds = rounds;
-        this.JWT_SECRET_KEY = JWT_SECRET_KEY;
-        this.JWT_OPTIONS = JWT_OPTIONS;
-        this.maxLoginAttempts = maxLoginAttempts - 2;
-        this.users = loadUsersFromFile(DB_FILE_PATH, DB_PASSWORD);
-        this.DB_FILE_PATH = DB_FILE_PATH
-        this.DB_PASSWORD = DB_PASSWORD
+
+    constructor() {
+        this.QR_LABEL = "Authenticator";
+        this.rounds = 12;
+        this.JWT_SECRET_KEY = "changeme";
+        this.JWT_OPTIONS = { expiresIn: "1h" };
+        this.maxLoginAttempts = 13
+        this.maxLoginAttempts = this.maxLoginAttempts - 2;
+        this.DB_FILE_PATH = "./users.db"
+        this.DB_PASSWORD = "changeme"
+        this.users = loadUsersFromFile(this.DB_FILE_PATH, this.DB_PASSWORD);
         this.OTP_ENCODING = 'base32'
         this.lockedText = "User is locked"
         this.OTP_WINDOW = 1 // How many OTP codes can be used before and after the current one (usefull for slower people, recommended 1)
@@ -77,6 +69,7 @@ class Authenticator {
 
         // Override methods to update file when users array changes
         const originalPush = this.users.push;
+
         this.users.push = (...args) => {
             const result = originalPush.apply(this.users, args);
             saveUsersToFile(this.users, this.DB_FILE_PATH, this.DB_PASSWORD);
@@ -142,11 +135,11 @@ class Authenticator {
 
         try {
             const result = await bcrypt.compare(password, account.password);
-            
+
             if (!result) {
-                
+
                 (account.loginAttempts >= this.maxLoginAttempts) ? this.lockUser(account.id) : await this.changeLoginAttempts(account._id, account.loginAttempts + 1)
-                
+
                 return null
             };
             if (account) {

diff --git a/file.test.js b/file.test.js
@@ -28,10 +28,10 @@ describe('Authenticator Class Tests', () => {
     let emailCode = ""
 
     beforeAll(async () => {
-        authenticator = new Authenticator(
-            'TestApp', 10, JWT_SECRET, { expiresIn: '1h' }, 3, "app.db", "password123"
-        );
+        authenticator = new Authenticator();
+        authenticator.rounds = 10
         authenticator.ALLOW_DB_DUMP = true
+        authenticator.JWT_SECRET_KEY = JWT_SECRET
 
     });
 
@@ -216,7 +216,7 @@ describe('Authenticator Class Tests', () => {
 
     afterAll(async () => {
         console.log(await authenticator.dumpDB())
-        fs.unlinkSync("./app.db")
+        fs.unlinkSync(authenticator.DB_FILE_PATH)
     });
 
 });
diff --git a/memory.js b/memory.js
@@ -8,27 +8,17 @@ const fs = require('fs');
 const Crypto = require('node:crypto')
 
 
-const algorithm = 'aes-256-ctr';
-
 class Authenticator {
 
-    /**
-     * Constructor for the Authenticator class
-     * @param {string} QR_LABEL - label for the QR code
-     * @param {number} rounds - number of rounds for bcrypt
-     * @param {string} JWT_SECRET_KEY - secret key for signing JWTs
-     * @param {object} JWT_OPTIONS - options for JWTs such as expiresIn
-     * @param {number} maxLoginAttempts - maximum number of login attempts
-     * @param {string} DB_FILE_PATH - path to the file where the users are stored
-     * @param {string} DB_PASSWORD - password to decrypt the file
-     */
-    constructor(QR_LABEL, rounds, JWT_SECRET_KEY, JWT_OPTIONS, maxLoginAttempts, USER_ARRAY) {
-        this.QR_LABEL = QR_LABEL;
-        this.rounds = rounds;
-        this.JWT_SECRET_KEY = JWT_SECRET_KEY;
-        this.JWT_OPTIONS = JWT_OPTIONS;
-        this.maxLoginAttempts = maxLoginAttempts - 2;
-        this.users = USER_ARRAY;
+    constructor() {
+
+        this.QR_LABEL = "Authenticator";
+        this.rounds = 12;
+        this.JWT_SECRET_KEY = "changeme";
+        this.JWT_OPTIONS = { expiresIn: "1h" };
+        this.maxLoginAttempts = 13
+        this.maxLoginAttempts = this.maxLoginAttempts - 2;
+        this.users = []
         this.OTP_ENCODING = 'base32'
         this.lockedText = "User is locked"
         this.OTP_WINDOW = 1 // How many OTP codes can be used before and after the current one (usefull for slower people, recommended 1)
@@ -37,7 +27,6 @@ class Authenticator {
         this.USER_ALREADY_EXISTS_TEXT = "User already exists"
         this.ALLOW_DB_DUMP = false // Allowing DB Dumping is disabled by default can be enabled by setting ALLOW_DB_DUMP to true after initializing your class
 
-
     }
 
 

diff --git a/memory.test.js b/memory.test.js
@@ -27,9 +27,8 @@ describe('Authenticator Class Tests', () => {
     let emailCode = ""
 
     beforeAll(async () => {
-        authenticator = new Authenticator(
-            'TestApp', 10, JWT_SECRET, { expiresIn: '1h' }, 3, []
-        );
+        authenticator = new Authenticator()
+        authenticator.JWT_SECRET_KEY = JWT_SECRET
         authenticator.ALLOW_DB_DUMP = true
 
     });

diff --git a/mongodb.js b/mongodb.js
@@ -8,22 +8,18 @@ const Crypto = require('node:crypto')
 // Creëer het gebruikersmodel
 
 class Authenticator {
+
     /**
      * Constructor for the Authenticator class
-     * @param {string} QR_LABEL - label for the QR code
-     * @param {number} salt - salt for hashing passwords
-     * @param {string} JWT_SECRET_KEY - secret key for signing JWTs
-     * @param {object} JWT_OPTIONS - options for JWTs such as expiresIn
-     * @param {number} maxLoginAttempts - maximum number of login attempts
      * @param {string} MONGODB_CONNECTION_STRING - connection string for MongoDB
      * @param {mongoose.Schema} userSchema - schema for the User model
      */
-    constructor(QR_LABEL, salt, JWT_SECRET_KEY, JWT_OPTIONS, maxLoginAttempts, MONGODB_CONNECTION_STRING, userSchema) {
-        this.QR_LABEL = QR_LABEL;
-        this.salt = salt;
-        this.JWT_SECRET_KEY = JWT_SECRET_KEY;
-        this.JWT_OPTIONS = JWT_OPTIONS;
-        this.maxLoginAttempts = maxLoginAttempts;
+    constructor(MONGODB_CONNECTION_STRING, userSchema) {
+        this.QR_LABEL = "Authenticator";
+        this.rounds = 12;
+        this.JWT_SECRET_KEY = "changeme";
+        this.JWT_OPTIONS = { expiresIn: "1h" };
+        this.maxLoginAttempts = 3;
         mongoose.connect(MONGODB_CONNECTION_STRING);
         this.User = mongoose.model('User', userSchema)
         this.OTP_ENCODING = 'base32'
@@ -35,6 +31,7 @@ class Authenticator {
         this.ALLOW_DB_DUMP = false // Allowing DB Dumping is disabled by default can be enabled by setting ALLOW_DB_DUMP to true after initializing your class
     }
 
+
     /**
      * Registers a new user
      * @param {object} userObject - object with required keys: email, password, wants2FA, you can add custom keys too
@@ -43,7 +40,7 @@ class Authenticator {
      */
     async register(userObject) {
         try {
-            const hash = await bcrypt.hash(userObject.password, this.salt);
+            const hash = await bcrypt.hashSync(userObject.password, this.rounds);
             let newUser = new this.User({
                 ...userObject,
                 password: hash,
@@ -93,7 +90,7 @@ class Authenticator {
         try {
             const result = await bcrypt.compare(password, user.password);
             if (!result) {
-                
+
                 if (user.loginAttempts >= this.maxLoginAttempts) {
 
                     this.lockUser(user._id);
@@ -244,7 +241,7 @@ class Authenticator {
      */
     async resetPassword(userId, newPassword) {
         this.revokeUserTokens(userId)
-        const hash = await bcrypt.hash(newPassword, this.salt);
+        const hash = await bcrypt.hashSync(newPassword, this.rounds);
         return await this.User.findOneAndUpdate({ _id: userId }, { password: hash }, { new: true })
 
     }

diff --git a/mongodb.test.js b/mongodb.test.js
@@ -44,9 +44,9 @@ describe('Authenticator Class Tests', () => {
   let emailCode = ""
 
   beforeAll(async () => {
-    authenticator = new Authenticator(
-      'TestApp', 10, JWT_SECRET, { expiresIn: '1h' }, 3, MONGODB_CONNECTION_STRING, userSchema
-    );
+    authenticator = new Authenticator(MONGODB_CONNECTION_STRING, userSchema)
+    authenticator.rounds = 10
+    authenticator.JWT_SECRET_KEY = JWT_SECRET
     authenticator.ALLOW_DB_DUMP = true
 
   });

diff --git a/package-lock.json b/package-lock.json
diff --git a/package.json b/package.json
@@ -1,6 +1,6 @@
 {
   "name": "seamless-auth",
-  "version": "3.8.4",
+  "version": "3.8.5",
   "description": "A full fledged authentication system...",
   "type": "commonjs",
   "main": "memory.js",