function* (next) { const body = this.request.body; let user = (yield User .detail({ 'credentials': { $elemMatch: { method: body.method, account: body.account, secret: md5(`${config.CRYPT.SALT}-${body.secret}+${config.CRYPT.SALT}`) } } }))[0]; if (!user) { throw new Exception(E.AUTH.NO_USER_PASSWORD); } user = yield User .findOne({ _id: user._id, }) .exec(); let scope = {}; const app = yield Application .findOne({ user }) .lean() .exec(); if (app) { scope = { scopeId: app._id.toString(), scopeName: app.name }; } const index = _.findIndex(user.credentials, { method: body.method, account: body.account, }); user.credentials[index].secret = md5(`${config.CRYPT.SALT}-${body.newSecret}+${config.CRYPT.SALT}`); yield user.save(); const filteredUser = filterUser(user, scope); this.resolve({ user: filteredUser }); yield next; }
module.exports = function(params, secret) { let paramArray = []; const keys = Object.keys(params).sort(); for (const key of keys) { paramArray.push(`${key}=${String(params[key])}`); } const paramString = paramArray.join('&') + secret; return encrypt.md5(paramString); }