Skip to content

Instantly share code, notes, and snippets.

@CrabDude
Last active August 29, 2015 14:20
Show Gist options
  • Save CrabDude/ed88a7471127f53fde11 to your computer and use it in GitHub Desktop.
Save CrabDude/ed88a7471127f53fde11 to your computer and use it in GitHub Desktop.
async()=>{
// Pointless calling await because crypto.pbkdf2 returns nothing
await crypto.pbkdf2('asdf', 'salt', 4096, 512, 'sha256', function(err, key) {
if (err) throw err
user.password = key.toString('hex')
console.log(user.password)
// return key.toString('hex') // 'c5e478d...1469e50'
})
// should be...
let hash = await crypto.pbkdf2('asdf', 'salt', 4096, 512, 'sha256')
user.password = hash.toString('hex')
}()
passport.use(new LocalStrategy({
// Use "email" field instead of "username"
usernameField: 'email',
// We'll need this later
failureFlash: true
}, nodeifyit(async (email, password) => {
if (email !== user.email) {
console.log(user.password)
return [false, {message: 'Invalid username'}]
}
let pa = null
// Again, pointless calling await because crypto.pbkdf2 returns nothing
await crypto.pbkdf2(password, 'salt', 4096, 512, 'sha256', function(err, key) {
if (err) throw err
pa = key.toString('hex')
// 'c5e478d...1469e50'
console.log(pa)
console.log("compare: " + pa === user.password)
})
// should be...
let hash = await crypto.promise.pbkdf2(password, 'salt', 4096, 512, 'sha256')
pa = hash.toString('hex')
// 'c5e478d...1469e50'
// With the original code, pa will ALWAYS be null because the callback fires on a different event loop tick
if ( pa !== user.password) {
return [false, {message: 'Invalid password'}]
}
return user
}, {spread: true})))
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment