nosvalds
/ serverless.yml
Created
October 19, 2020 20:06
excerpt of serverless configuration for User table
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| functions: | |
| app: | |
| handler: index.handler | |
| events: | |
| - http: ANY / | |
| - http: 'ANY {proxy+}' | |
| resources: | |
| Resources: | |
| UsersDynamoDBTable: |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| const bcrypt = require('bcryptjs') | |
| /** | |
| * Compare password | |
| */ | |
| const comparePassword = (candidatePassword, trustedPassword) => { | |
| return bcrypt.compareSync(candidatePassword, trustedPassword) | |
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| const table = process.env.USERS_TABLE; | |
| const AWS = require('aws-sdk'); | |
| const dynamodb = new AWS.DynamoDB.DocumentClient(); | |
| /** | |
| * Update password | |
| * @param {*} req - body.email, body.currentPassword, body.password1, body.password2 | |
| * @param {*} res | |
| */ | |
| const updatePassword = async (req, res) => { |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| const bcrypt = require('bcryptjs') | |
| /** | |
| * Hash password | |
| * @param string password | |
| */ | |
| const hashPassword = (password) => { | |
| const salt = bcrypt.genSaltSync(10) | |
| return bcrypt.hashSync(password, salt) | |
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| const table = process.env.USERS_TABLE; | |
| const AWS = require('aws-sdk'); | |
| const dynamodb = new AWS.DynamoDB.DocumentClient(); | |
| /** | |
| * Validate password reset token entry | |
| * checks: | |
| * - token entry exists with the given token | |
| * - email on the token entry matches the user email | |
| * - token is not expired | |
| * |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| const table = process.env.USERS_TABLE; | |
| const AWS = require('aws-sdk'); | |
| const dynamodb = new AWS.DynamoDB.DocumentClient(); | |
| /** | |
| * Reset password | |
| * @param {*} req - body.email, body.token, body.password1, body.password2 | |
| * @param {*} res | |
| */ | |
| const resetPassword = async (req, res) => { |
nosvalds
/ forgotPasswordEmail.html
Created
October 18, 2020 14:12
body snippet from the forgot password email html template
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <!-- BEGIN BODY // --> | |
| <table border="0" cellpadding="0" cellspacing="0" width="100%" id="templateBody"> | |
| <tr> | |
| <td class="bodyContent" style="padding-top:0; padding-bottom:0;"> | |
| <img src="https://digitalhumani.com/img/logo-final.png" style="max-width:60px;" id="bodyImage" /> | |
| </td> | |
| </tr> | |
| <tr> | |
| <td valign="top" class="bodyContent"> | |
| <h1 style="color: #0A8A08 !important;">Password Reset Request</h1> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| const table = process.env.USERS_TABLE; | |
| const AWS = require('aws-sdk'); | |
| const dynamodb = new AWS.DynamoDB.DocumentClient(); | |
| /** | |
| * Set a user's existing un-used reset tokens to used | |
| * @param {object} user user object | |
| */ | |
| const expirePasswordTokens = async (user) => { | |
| if (!user) throw new Error(`"user" is required`); |
nosvalds
/ createResetToken.js
Created
October 18, 2020 13:24
Function to create a password reset token
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /** | |
| * Create password reset token using inbuilt crypto | |
| */ | |
| const createResetToken = () => { | |
| return require('crypto').randomBytes(32).toString('hex') | |
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "email": "<email>", | |
| "password": "<password hash>", | |
| "password_reset_tokens": { | |
| "f7cfb2dbda77e093baf2a078f2ceb8c65965b7382109f23bb4710a9f83ad9c59": { | |
| "expiration": "2020-06-30T00:00:00.00Z", | |
| "used": true, | |
| "created": "2020-06-29T23:00:00.00Z", | |
| "updated": "2020-06-29T23:00:00.00Z" | |
| }, |
NewerOlder