Skip to content

Instantly share code, notes, and snippets.

@edsadr

edsadr/answer.js Secret

Created September 30, 2020 20:30
Show Gist options
  • Save edsadr/93b6591efc3d658fa85e373c09bb8a17 to your computer and use it in GitHub Desktop.
Save edsadr/93b6591efc3d658fa85e373c09bb8a17 to your computer and use it in GitHub Desktop.
Download ZIP
NCD Workshop - Task 8.1
Raw
readme.md

Task 8.1

The answer.js file contains the following:

'use strict'

const {
  PORT, HASH
} = process.env

function login (user, passwd) {
  return user === 'node' && passwd === 'developer'
}

Using the Node-core API's or any framework or libraries of your choice, build a web-server listening for requests on PORT.

This server should have a single endpoint /login which should only accept a POST method with 2 mandatory parameters: username and Password

Said parameters should be provided to the login-function in order to validate a user. If the login returns ‘true’ return status code ‘200’. If not, then return 401. There is no need to send any other info, just the status code.

  • Modify the login function to check the password hashed provided in the variable HASH. This hash was created using 10 rounds of salt generation, compare the hash against the user submission.
  • Track the failing login attempts per IP and ban an IP when 3 failing attempts occurred. Any subsequent call from this IP should not be allowed and should return a 500 status code.
Raw
answer.js
'use strict'
const {
PORT, HASH
} = process.env
function login (user, passwd) {
return user === 'node' && passwd === 'developer'
}
Raw
package.json
{
"name": "submission",
"version": "1.0.0",
"description": "",
"main": "answer.js",
"scripts": {
"test": "echo \"Error: no test specified\" && exit 1"
},
"keywords": [],
"author": "",
"license": "UNLICENSED",
"dependencies": {}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment