make bcrypt strength configurable

2022-03-30 14:10:01 +02:00 · 2022-03-30 14:10:01 +02:00 · 8d5f95b6c8
parent 00d401786d
commit 8d5f95b6c8
6 changed files with 24 additions and 5 deletions
--- a/backend/src/collections/syspreferencesdb/syspreferencedefaults.service.ts
+++ b/backend/src/collections/syspreferencesdb/syspreferencedefaults.service.ts
@ -31,6 +31,8 @@ export class SysPreferenceDefaultsService {
    },
    [SysPreference.JwtExpiresIn]: () =>
      this.jwtConfigService.getJwtExpiresIn() ?? '7d',
+    [SysPreference.BCryptStrength]: () => 12,
+    
    [SysPreference.TestString]: () => 'test_string',
    [SysPreference.TestNumber]: () => 123,
    [SysPreference.TestBoolean]: () => true,
--- a/backend/src/collections/userdb/userdb.module.ts
+++ b/backend/src/collections/userdb/userdb.module.ts
@ -6,12 +6,14 @@ import { AuthConfigService } from '../../config/early/auth.config.service';
 import { EarlyConfigModule } from '../../config/early/earlyconfig.module';
 import { EUserBackend } from '../../models/entities/user.entity';
 import { RolesModule } from '../roledb/roledb.module';
+import { SysPreferenceModule } from '../syspreferencesdb/syspreferencedb.module';
 import { UsersService } from './userdb.service';

@Module({
  imports: [
    EarlyConfigModule,
    RolesModule,
+    SysPreferenceModule,
    TypeOrmModule.forFeature([EUserBackend]),
  ],
  providers: [UsersService],
--- a/backend/src/collections/userdb/userdb.service.ts
+++ b/backend/src/collections/userdb/userdb.service.ts
@ -2,6 +2,7 @@ import { Injectable, Logger } from '@nestjs/common';
 import { InjectRepository } from '@nestjs/typeorm';
 import * as bcrypt from 'bcrypt';
 import { plainToClass } from 'class-transformer';
+import { SysPreference } from 'picsur-shared/dist/dto/syspreferences.dto';
 import {
  AsyncFailable,
  Fail,
@ -24,9 +25,7 @@ import {
 import { EUserBackend } from '../../models/entities/user.entity';
 import { GetCols } from '../../models/util/collection';
 import { RolesService } from '../roledb/roledb.service';
-
-// TODO: make this a configurable value
-const BCryptStrength = 12;
+import { SysPreferenceService } from '../syspreferencesdb/syspreferencedb.service';

@Injectable()
 export class UsersService {
@ -36,6 +35,7 @@ export class UsersService {
    @InjectRepository(EUserBackend)
    private usersRepository: Repository<EUserBackend>,
    private rolesService: RolesService,
+    private prefService: SysPreferenceService,
  ) {}

  // Creation and deletion
@ -49,7 +49,8 @@ export class UsersService {
  ): AsyncFailable<EUserBackend> {
    if (await this.exists(username)) return Fail('User already exists');

-    const hashedPassword = await bcrypt.hash(password, BCryptStrength);
+    const strength = await this.getBCryptStrength();
+    const hashedPassword = await bcrypt.hash(password, strength);

    let user = new EUserBackend();
    user.username = username;
@ -153,7 +154,8 @@ export class UsersService {
    let userToModify = await this.resolve(user);
    if (HasFailed(userToModify)) return userToModify;

-    const hashedPassword = await bcrypt.hash(password, BCryptStrength);
+    const strength = await this.getBCryptStrength();
+    const hashedPassword = await bcrypt.hash(password, strength);
    userToModify.password = hashedPassword;

    try {
@ -257,4 +259,14 @@ export class UsersService {

    return filteredRoles;
  }
+
+  private async getBCryptStrength(): Promise<number> {
+    const result = await this.prefService.getNumberPreference(
+      SysPreference.BCryptStrength,
+    );
+    if (HasFailed(result)) {
+      return 12;
+    }
+    return result;
+  }
 }
--- a/backend/src/models/dto/syspreferences.dto.ts
+++ b/backend/src/models/dto/syspreferences.dto.ts
@ -12,6 +12,7 @@ export const SysPreferenceValueTypes: {
 } = {
  [SysPreference.JwtSecret]: 'string',
  [SysPreference.JwtExpiresIn]: 'string',
+  [SysPreference.BCryptStrength]: 'number',
  [SysPreference.TestString]: 'string',
  [SysPreference.TestNumber]: 'number',
  [SysPreference.TestBoolean]: 'boolean',
--- a/frontend/src/app/i18n/syspref.i18n.ts
+++ b/frontend/src/app/i18n/syspref.i18n.ts
@ -5,6 +5,7 @@ export const SysPreferenceFriendlyNames: {
 } = {
  [SysPreference.JwtSecret]: 'JWT Secret',
  [SysPreference.JwtExpiresIn]: 'JWT Expiry Time',
+  [SysPreference.BCryptStrength]: 'BCrypt Strength',
  [SysPreference.TestString]: 'Test String',
  [SysPreference.TestNumber]: 'Test Number',
  [SysPreference.TestBoolean]: 'Test Boolean',
--- a/shared/src/dto/syspreferences.dto.ts
+++ b/shared/src/dto/syspreferences.dto.ts
@ -2,6 +2,7 @@
 export enum SysPreference {
  JwtSecret = 'jwt_secret',
  JwtExpiresIn = 'jwt_expires_in',
+  BCryptStrength = 'bcrypt_strength',
  TestString = 'test_string',
  TestNumber = 'test_number',
  TestBoolean = 'test_boolean',