Cassandra.runQuery('SELECT "userId", "password" FROM "AuthenticationLoginId" WHERE "loginId" = ?', [_flattenLoginId(loginId)], function(err, rows) { if (err) { return callback(err); } else if (_.isEmpty(rows)) { // No user found with that login id return callback({'code': 401, 'msg': 'No password found for this principal'}); } // Check if the user provided password matches the stored password var result = Cassandra.rowToHash(rows[0]); var passwordMatches = result.userId && result.password && AuthenticationUtil.hashAndComparePassword(password, result.password); if (passwordMatches) { callback(null, result.userId); } else { log().info('Invalid password check for user %s', username); callback({'code': 401, 'msg': 'User name and/or password do not match'}); } });
Cassandra.runQuery('SELECT userId, password FROM AuthenticationLoginId USING CONSISTENCY QUORUM WHERE loginId = ?', [_flattenLoginId(loginId)], function(err, rows) { if (err) { return callback(err); } if (rows[0].count === 0) { // No user found with that username. return callback({'code': 401, 'msg': 'No password found for this principal'}); } // Check if the user provided password matches the stored password var result = Cassandra.rowToHash(rows[0]); var passwordMatches = result.userId && result.password && AuthenticationUtil.hashAndComparePassword(password, result.password); if (passwordMatches) { callback(null, result.userId); } else { log().info('Invalid password check for user %s', username); callback({'code': 401, 'msg': 'User name and/or password do not match.'}); } });