// Login fragment: fetch the tbusersecurity row for userName, compare the
// submitted password with the stored bcrypt hash, and reply with a JSON message.
// The username is bound as $1. The schema name is concatenated into the SQL text
// (identifiers cannot be bound as query parameters).
// NOTE(review): where pschemaName comes from is not visible here — confirm it is
// fixed configuration or checked against an allowlist of schema names.
clientConn.queryAsync("SELECT * from "+pschemaName+".tbusersecurity WHERE username = $1", [userName]).then(function(result) {
  // NOTE(review): passwordList and passObj are not used anywhere in this fragment.
  var passwordList = "";
  var passObj = null;
  if(result && result.rows && result.rows.length > 0) {
    // Make sure the password is correct
    // NOTE(review): this promise is not returned and has no .catch() of its own,
    // so a rejection from compareAsync bypasses the outer .catch() and no
    // response is sent on that path.
    bcrypt.compareAsync(password, result.rows[0].password).then(function(isMatch) {
      if(!isMatch) {
        // Existing user, wrong password.
        res.json({message:"Error : Username or password not found"});
      } else {
        // NOTE(review): success only sends a message; no session or token is
        // established in the visible code.
        res.json({message:"Success : Login successfull"});
      }
    });
  } else {
    // No row for this username.
    // NOTE(review): this body lacks the "Error : " prefix used for a wrong
    // password above, and bcrypt is skipped on this path, so the two cases can
    // be told apart by content and presumably by timing. Returning one
    // identical message for both removes the content difference.
    console.log("Username or password not found");
    logger.debug("UserControl login : Username or password not found = " + userName);
    res.json({message:"Username or password not found"});
  }
}).catch(function(err)
// Continuation of a lookup chain (its start is not shown): `model` is the user
// record, or a falsy value when none was found. On a bcrypt match the session
// is regenerated and the user is stored in it before redirecting to '/'.
.then(function(model) {
  // NOTE(review): this logs the whole model, which also carries the 'password'
  // attribute read below — presumably the bcrypt hash ends up in the logs.
  console.log("Model: ", model);
  if (model) {
    // NOTE(review): this promise is not returned and has no .catch(), so a
    // rejection from compareAsync leaves the request without a response.
    bcrypt.compareAsync(password, model.get('password')).then(function(exists){
      console.log('response from bcrypt: ', exists);
      if (exists) {
        // The session is regenerated before the user is attached to it.
        // NOTE(review): the callback takes no error argument, so a failed
        // regenerate is not detected; and storing the full model presumably
        // places the password hash in the session store — keep only an id.
        req.session.regenerate(function() {
          req.session.user = model;
          res.redirect('/');
        });
      } else {
        // NOTE(review): "Wrong password." and "User does not exist." are
        // distinct replies, so a caller can tell which usernames exist; one
        // shared message avoids that.
        res.end("Wrong password.");
      }
    });
  } else {
    res.end("User does not exist.");
  }
});
/**
 * Compare a candidate password with the hash stored at `user.local.password`.
 *
 * @param {string} password - Plain-text password to check.
 * @param {Object} user - Record exposing `local.password`, passed to bcrypt
 *   as the stored hash.
 * @returns {*} Whatever `bcrypt.compareAsync` returns — presumably a promise
 *   resolving to a boolean (promisified bcrypt; confirm). Callers should treat
 *   a rejection as a failed check.
 */
validPassword: function(password, user) {
  var storedHash = user.local.password;
  return bcrypt.compareAsync(password, storedHash);
},
/**
 * Compare a candidate password with the hash stored at `user.pass`.
 *
 * @param {string} password - Plain-text password to check.
 * @param {Object} user - Record whose `pass` field is passed to bcrypt as the
 *   stored hash.
 * @returns {*} Whatever `bcrypt.compareAsync` returns — presumably a promise
 *   resolving to a boolean (promisified bcrypt; confirm). Callers should treat
 *   a rejection as a failed check.
 */
function isPasswordValid(password, user) {
  'use strict';
  var storedHash = user.pass;
  return bcrypt.compareAsync(password, storedHash);
}
// Change-password fragment (PostgreSQL-style client): load the row for
// retUserName, verify the current password, validate the new one, hash it,
// check it against the stored password history, then update the row.
// The username is bound as $1; the schema name is concatenated into the SQL text.
// NOTE(review): where pschemaName comes from is not visible here — confirm it is
// fixed configuration or checked against an allowlist (this applies to the
// UPDATE further down as well).
clientConn.queryAsync("SELECT * from "+pschemaName+".tbusersecurity WHERE username = $1", [retUserName]).then(function(result) {
  var passwordList = "";
  // NOTE(review): passObj is not used anywhere in this fragment.
  var passObj = null;
  if(result && result.rows && result.rows.length > 0) {
    // Make sure the password is correct
    bcrypt.compareAsync(retPassword, result.rows[0].password).then(function(isMatch) {
      if(!isMatch) {
        // NOTE(review): this branch handles a wrong current password; the two
        // policy comments below describe the new-password rule, not this check.
        // at least one number, one lowercase and one uppercase letter
        // at least six characters
        logger.debug("UserControl newPassword : Password is not valid");
        res.json({message:"Error : Password is not valid"});
        res.end();
      } else if(!ValidatePassword(retNewPassword)) {
        // NOTE(review): the message states a 10-character maximum; the actual
        // rule lives in ValidatePassword, which is not shown. A cap that low
        // limits password strength — confirm and consider raising it.
        logger.debug("UserControl newPassword : Password should have min 6 and max 10 characters, one number, one lowercase and one uppercase");
        res.json({message:"Error : Password should have min 6 and max 10 characters, one number, one lowercase and one uppercase"});
        res.end();
      } else {
        logger.debug("UserControl new password : Update new password.");
        // NOTE(review): 5 is presumably the bcrypt rounds (cost) argument, which
        // is below the usual library default of 10; raise it and re-hash
        // existing passwords on next successful login.
        // NOTE(review): this chain is not returned and has no .catch(), so a
        // rejection from genSaltAsync or hashAsync is not handled by the
        // .catch() below, despite its "error in password hashing" log line.
        bcrypt.genSaltAsync(5).then(function(salt) {
          bcrypt.hashAsync(retNewPassword, salt, null).then(function(hash) {
            return hash;
          }).then(function(retHashPwd) {
            //Check if password is from last 5 password list.
            if(result && result.rows && result.rows.length > 0) {
              //get the json data from database.
              passwordList = result.rows[0].oldpasswords.oldpasswords.slice();
              //Verify if the new password is used in last 5 password list.
              // VerifyPassword is defined elsewhere; it receives the plain-text
              // new password and the copied history list.
              VerifyPassword(0, retNewPassword, passwordList, false, function(err, isMatch) {
                if(err) {
                  // NOTE(review): the raw error is concatenated into the client
                  // response; log it server-side and return a generic message.
                  console.log("Error while updating the password " + err);
                  logger.debug("Error while updating the password " + err);
                  res.json({message:"Error : Error while updating the password " + err});
                } else {
                  if(isMatch) {
                    console.log("New password was set earlier. Password should not be from last 5 passwords");
                    logger.debug("changePasswordRegister : Error : New password was set earlier. Password should not be from last 5 passwords");
                    // NOTE(review): the string literal below is split across two
                    // lines in this listing, which is not valid JavaScript —
                    // presumably a line-wrap artefact of the page.
                    res.json({message:"Error : New password was set earlier. 
Password should not be from last 5 passwords"});
                  } else {
                    if(passwordList != null) {
                      try {
                        //Push the new password at zeroth position.
                        // NOTE(review): the list is not trimmed in this fragment,
                        // so the stored history presumably grows past five hashes.
                        passwordList.splice(0,0,retHashPwd);
                        // NOTE(review): as printed, the prefix '******' is not
                        // valid JSON, so JSON.parse below would throw into the
                        // catch; presumably the original prefix was masked in
                        // this listing. Building the object directly avoids the
                        // stringify/parse round trip.
                        var updatedPassword = '******' + JSON.stringify(passwordList) + '}';
                        clientConn.queryAsync("UPDATE "+pschemaName+".tbusersecurity SET password=$1, oldpasswords=$2 WHERE userid = $3 RETURNING userid", [retHashPwd, JSON.parse(updatedPassword), result.rows[0].userid]).then(function(result){
                          // RETURNING userid yields a row only when a row was updated.
                          if(result && result.rows && result.rows.length>0) {
                            logger.debug("CreateCollectionsAndRecord : Password updated successfully");
                            res.json({message:"Password updated successfully..!!"});
                          } else {
                            console.log("Error while updating password");
                            logger.debug("changePasswordRegister : Error : while updating the password");
                            res.json({message:"Error : while updating the password"});
                          }
                          // NOTE(review): the connection is closed only on the
                          // UPDATE paths; the earlier response branches in this
                          // fragment do not call clientConn.end() — confirm the
                          // caller releases it.
                          clientConn.end();
                        }).catch(function(err) {
                          clientConn.end();
                          console.log("Error while updating password" + err);
                          logger.debug("changePasswordRegister : Error : while updating the password" + err);
                          res.json({message:"Error : while updating the password"});
                        });
                      } catch(err) {
                        console.log("Error while updating password" + err);
                        logger.debug("changePasswordRegister : Error : while updating the password" + err);
                        res.json({message:"Error : while updating the password"});
                      }
                    } else {
                      console.log("Error while updating password");
                      logger.debug("changePasswordRegister : Error : while updating the password");
                      res.json({message:"Error : while updating the password"});
                    }
                  }
                }
              });
            }
          });
        });
      }
    }).catch(function(err) {
      // Reached when compareAsync rejects or the callback above throws synchronously.
      console.log("error in password hashing");
      logger.debug("UserControl newPassword : Password is not valid");
      res.json({message:"Error : Password is not valid"});
    });
  } else {
    // NOTE(review): "Username does not exists" versus "Password is not valid"
    // tells a caller which usernames exist; one shared message avoids that.
    console.log("Username does not exists");
    logger.debug("UserControl changePasswordRegister : Username does not exists = " + retUserName);
    res.json({message:"Error : Username does not exists"});
    return null;
  }
}).catch(function(err)
// Change-password fragment (document-store variant): find the user by
// userName, verify the current password, validate the new one, hash it, check
// it against stored old passwords, then update the record.
userSecurity.findOne({ userName: retUserName}).then(function (user) {
  if(!user) {
    // NOTE(review): "Username does not exists" versus "Password is not valid"
    // tells a caller which usernames exist; one shared message avoids that.
    console.log("Username does not exists");
    logger.debug("UserControl changePasswordRegister : Username does not exists = " + retUserName);
    res.json({message:"Error : Username does not exists"});
    return null;
  } else {
    // Make sure the password is correct
    bcrypt.compareAsync(retPassword, user.password).then(function(isMatch) {
      if(!isMatch) {
        // NOTE(review): this branch handles a wrong current password; the two
        // policy comments below describe the new-password rule, not this check.
        // at least one number, one lowercase and one uppercase letter
        // at least six characters
        logger.debug("UserControl newPassword : Password is not valid");
        res.json({message:"Error : Password is not valid"});
        res.end();
      } else if(!ValidatePassword(retNewPassword)) {
        // NOTE(review): the message states a 10-character maximum; the actual
        // rule lives in ValidatePassword, which is not shown. A cap that low
        // limits password strength — confirm and consider raising it.
        logger.debug("UserControl newPassword : Password should have min 6 and max 10 characters, one number, one lowercase and one uppercase");
        res.json({message:"Error : Password should have min 6 and max 10 characters, one number, one lowercase and one uppercase"});
        res.end();
      } else {
        logger.debug("UserControl new password : Update new password.");
        var secreateInfo = new userSecurity();
        // NOTE(review): 5 is presumably the bcrypt rounds (cost) argument, which
        // is below the usual library default of 10; raise it and re-hash
        // existing passwords on next successful login.
        bcrypt.genSaltAsync(5).then(function(salt) {
          // NOTE(review): this inner chain is not returned, so a rejection from
          // hashAsync is not handled by the "error in password hashing" .catch()
          // attached to the genSaltAsync chain.
          bcrypt.hashAsync(retNewPassword, salt, null).then(function(hash) {
            return hash;
          }).then(function(retHashPwd) {
            var isLast5Password = false;
            var pwdCount = 0;
            //Check if password is from last 5 password list.
            // NOTE(review): retHashPwd was produced with the fresh salt generated
            // above, so it will not equal a stored hash of the same password made
            // with a different salt; the == test below therefore does not detect
            // reuse. Compare the plain-text new password against each stored
            // hash with bcrypt.compareAsync instead.
            // NOTE(review): the loop reads indexes 0-4, while the update below
            // appends with $pushAll — presumably these are the five oldest
            // entries, not the five most recent.
            if(user.oldPasswords && user.oldPasswords.length > 0) {
              for(var cnt=0;cnt<user.oldPasswords.length;cnt++) {
                if(pwdCount<5) {
                  var previousPwd = user.oldPasswords[cnt].password;
                  if(previousPwd == retHashPwd) {
                    isLast5Password = true;
                  }
                  pwdCount++;
                }
                else break;
              }
            }
            if(isLast5Password) {
              console.log("New password was set earlier. Password should not be from last 5 passwords");
              logger.debug("changePasswordRegister : Error : New password was set earlier. Password should not be from last 5 passwords");
              // NOTE(review): the string literal below is split across two lines
              // in this listing, which is not valid JavaScript — presumably a
              // line-wrap artefact of the page.
              res.json({message:"Error : New password was set earlier. 
Password should not be from last 5 passwords"});
            } else {
              // Appends the new hash to oldPasswords and sets it as the current password.
              // NOTE(review): upsert: true would presumably create a record when
              // no document matches userId; a password change should only ever
              // update an existing user — confirm and drop the upsert.
              secreateInfo.updateAsync({userId:user.userId},{$pushAll:{oldPasswords:[{password:retHashPwd}]},$set:{password:retHashPwd}},{ upsert: true },{customIdCondition: true}).then(function(updateStatus){
                logger.debug("CreateCollectionsAndRecord : Password updated successfully");
                res.json({message:"Password updated successfully..!!"});
              }).catch(function(err) {
                console.log("Error while updating password" + err);
                logger.debug("changePasswordRegister : Error : while updating the password" + err);
                res.json({message:"Error : while updating the password"});
              });
            }
          });
        }).catch(function(err) {
          // Reached when genSaltAsync rejects or the salt callback throws synchronously.
          console.log("error in password hashing");
          logger.debug("UserControl newPassword : Password is not valid");
          res.json({message:"Error : Password is not valid"});
        });
      }
    }).catch(function(err) {
      // Reached when compareAsync rejects or the callback above throws synchronously.
      console.log("Username or password is not valid");
      logger.debug("UserControl newPassword : Username or password is not valid");
      res.json({message:"Error : Username or password is not valid"});
    });
  }
}).catch(function(err)