Added some sanity checks to password hashing scripts.

2022-07-14 10:45:56 +02:00 · 2022-07-14 10:45:56 +02:00 · 1f44e3c694
commit 1f44e3c694
parent bc304d9bfa
3 changed files with 72 additions and 5 deletions
--- a/bin/bcrypt.js
+++ b/bin/bcrypt.js
@ -5,6 +5,9 @@ const saltRounds = 10;

 const stdout = process.stdout
 const stdin = process.stdin
+const argv = process.argv;
+
+const checkHash = argv.length > 2 ? argv[2] : undefined;

 let password = '';

@ -19,6 +22,13 @@ process.stdin.on('end', () => {
    if (password[password.length - 1] === '\n') {
        password = password.substring(0, password.length - 1);
    }
-    const hash = bcrypt.hashSync(password, saltRounds);
-    stdout.write(`${hash}\n`);
+
+    if (checkHash !== undefined) {
+        const validPassword = bcrypt.compareSync(password, checkHash);
+        stdout.write(`${validPassword ? 'Valid password' : 'Invalid password'}\n`);
+        process.exit(validPassword ? 0 : 255);
+    } else {
+        const hash = bcrypt.hashSync(password, saltRounds);
+        stdout.write(`${hash}\n`);
+    }
 });