|
var crypto = require("crypto"); |
|
|
|
// user submitted form with email + pwd |
|
var pwd = req.params.pwd; |
|
|
|
// fetch result from DB ... |
|
|
|
// retrieve hash from DB and compare to pwd |
|
var result = <RESULT>; |
|
|
|
var meta = fromStore.split(":"); |
|
var salt = new Buffer(meta[1], "base64"); |
|
var hash = meta[0]; |
|
|
|
// encrypt+salt password |
|
var encrypted = crypto.pbkdf2(pwd, salt, 10000, 64, function(err, key) { |
|
if (err) { |
|
return reject(err); |
|
} |
|
key.toString("base64")); |
|
}); |
|
|
|
// check if passwords match |
|
if (hash !== encrypted) { |
|
throw new Error("credentials unknown"); |
|
} |
|
|
|
// user is logged in ... |
