mirror of
https://github.com/BradNut/boredgame
synced 2025-09-08 17:40:22 +00:00
Using scrypt instead of Argon2 given it is a pure JS implementation and noders-argon2 rust implementation has issues on Vite/Vercel/etc.
This commit is contained in:
Bradley Shellnut
parent
21c0a33c52
commit
54bc9c3faa
10 changed files with 150 additions and 126 deletions
|
|
@ -31,7 +31,7 @@
|
|||
"@sveltejs/adapter-auto": "^3.2.5",
|
||||
"@sveltejs/enhanced-img": "^0.3.8",
|
||||
"@sveltejs/kit": "^2.5.28",
|
||||
"@sveltejs/vite-plugin-svelte": "^3.1.2",
|
||||
"@sveltejs/vite-plugin-svelte": "4.0.0-next.7",
|
||||
"@types/cookie": "^0.6.0",
|
||||
"@types/node": "^20.16.5",
|
||||
"@types/pg": "^8.11.10",
|
||||
|
|
|
|||
|
|
@ -64,10 +64,10 @@ importers:
|
|||
version: 2.2.2
|
||||
'@sveltejs/adapter-node':
|
||||
specifier: ^5.2.3
|
||||
version: 5.2.4(@sveltejs/kit@2.5.28(@sveltejs/vite-plugin-svelte@3.1.2(svelte@5.0.0-next.175)(vite@5.4.7(@types/node@20.16.5)(sass@1.79.1)))(svelte@5.0.0-next.175)(vite@5.4.7(@types/node@20.16.5)(sass@1.79.1)))
|
||||
version: 5.2.4(@sveltejs/kit@2.5.28(@sveltejs/vite-plugin-svelte@4.0.0-next.7(svelte@5.0.0-next.175)(vite@5.4.7(@types/node@20.16.5)(sass@1.79.1)))(svelte@5.0.0-next.175)(vite@5.4.7(@types/node@20.16.5)(sass@1.79.1)))
|
||||
'@sveltejs/adapter-vercel':
|
||||
specifier: ^5.4.4
|
||||
version: 5.4.4(@sveltejs/kit@2.5.28(@sveltejs/vite-plugin-svelte@3.1.2(svelte@5.0.0-next.175)(vite@5.4.7(@types/node@20.16.5)(sass@1.79.1)))(svelte@5.0.0-next.175)(vite@5.4.7(@types/node@20.16.5)(sass@1.79.1)))
|
||||
version: 5.4.4(@sveltejs/kit@2.5.28(@sveltejs/vite-plugin-svelte@4.0.0-next.7(svelte@5.0.0-next.175)(vite@5.4.7(@types/node@20.16.5)(sass@1.79.1)))(svelte@5.0.0-next.175)(vite@5.4.7(@types/node@20.16.5)(sass@1.79.1)))
|
||||
'@types/feather-icons':
|
||||
specifier: ^4.29.4
|
||||
version: 4.29.4
|
||||
|
|
@ -106,7 +106,7 @@ importers:
|
|||
version: 4.29.2
|
||||
formsnap:
|
||||
specifier: ^1.0.1
|
||||
version: 1.0.1(svelte@5.0.0-next.175)(sveltekit-superforms@2.19.0(@sveltejs/kit@2.5.28(@sveltejs/vite-plugin-svelte@3.1.2(svelte@5.0.0-next.175)(vite@5.4.7(@types/node@20.16.5)(sass@1.79.1)))(svelte@5.0.0-next.175)(vite@5.4.7(@types/node@20.16.5)(sass@1.79.1)))(@types/json-schema@7.0.15)(svelte@5.0.0-next.175))
|
||||
version: 1.0.1(svelte@5.0.0-next.175)(sveltekit-superforms@2.19.0(@sveltejs/kit@2.5.28(@sveltejs/vite-plugin-svelte@4.0.0-next.7(svelte@5.0.0-next.175)(vite@5.4.7(@types/node@20.16.5)(sass@1.79.1)))(svelte@5.0.0-next.175)(vite@5.4.7(@types/node@20.16.5)(sass@1.79.1)))(@types/json-schema@7.0.15)(svelte@5.0.0-next.175))
|
||||
handlebars:
|
||||
specifier: ^4.7.8
|
||||
version: 4.7.8
|
||||
|
|
@ -197,16 +197,16 @@ importers:
|
|||
version: 1.47.2
|
||||
'@sveltejs/adapter-auto':
|
||||
specifier: ^3.2.5
|
||||
version: 3.2.5(@sveltejs/kit@2.5.28(@sveltejs/vite-plugin-svelte@3.1.2(svelte@5.0.0-next.175)(vite@5.4.7(@types/node@20.16.5)(sass@1.79.1)))(svelte@5.0.0-next.175)(vite@5.4.7(@types/node@20.16.5)(sass@1.79.1)))
|
||||
version: 3.2.5(@sveltejs/kit@2.5.28(@sveltejs/vite-plugin-svelte@4.0.0-next.7(svelte@5.0.0-next.175)(vite@5.4.7(@types/node@20.16.5)(sass@1.79.1)))(svelte@5.0.0-next.175)(vite@5.4.7(@types/node@20.16.5)(sass@1.79.1)))
|
||||
'@sveltejs/enhanced-img':
|
||||
specifier: ^0.3.8
|
||||
version: 0.3.8(rollup@4.21.2)(svelte@5.0.0-next.175)(vite@5.4.7(@types/node@20.16.5)(sass@1.79.1))
|
||||
'@sveltejs/kit':
|
||||
specifier: ^2.5.28
|
||||
version: 2.5.28(@sveltejs/vite-plugin-svelte@3.1.2(svelte@5.0.0-next.175)(vite@5.4.7(@types/node@20.16.5)(sass@1.79.1)))(svelte@5.0.0-next.175)(vite@5.4.7(@types/node@20.16.5)(sass@1.79.1))
|
||||
version: 2.5.28(@sveltejs/vite-plugin-svelte@4.0.0-next.7(svelte@5.0.0-next.175)(vite@5.4.7(@types/node@20.16.5)(sass@1.79.1)))(svelte@5.0.0-next.175)(vite@5.4.7(@types/node@20.16.5)(sass@1.79.1))
|
||||
'@sveltejs/vite-plugin-svelte':
|
||||
specifier: ^3.1.2
|
||||
version: 3.1.2(svelte@5.0.0-next.175)(vite@5.4.7(@types/node@20.16.5)(sass@1.79.1))
|
||||
specifier: 4.0.0-next.7
|
||||
version: 4.0.0-next.7(svelte@5.0.0-next.175)(vite@5.4.7(@types/node@20.16.5)(sass@1.79.1))
|
||||
'@types/cookie':
|
||||
specifier: ^0.6.0
|
||||
version: 0.6.0
|
||||
|
|
@ -296,10 +296,10 @@ importers:
|
|||
version: 2.0.1
|
||||
sveltekit-flash-message:
|
||||
specifier: ^2.4.4
|
||||
version: 2.4.4(@sveltejs/kit@2.5.28(@sveltejs/vite-plugin-svelte@3.1.2(svelte@5.0.0-next.175)(vite@5.4.7(@types/node@20.16.5)(sass@1.79.1)))(svelte@5.0.0-next.175)(vite@5.4.7(@types/node@20.16.5)(sass@1.79.1)))(svelte@5.0.0-next.175)
|
||||
version: 2.4.4(@sveltejs/kit@2.5.28(@sveltejs/vite-plugin-svelte@4.0.0-next.7(svelte@5.0.0-next.175)(vite@5.4.7(@types/node@20.16.5)(sass@1.79.1)))(svelte@5.0.0-next.175)(vite@5.4.7(@types/node@20.16.5)(sass@1.79.1)))(svelte@5.0.0-next.175)
|
||||
sveltekit-superforms:
|
||||
specifier: ^2.18.1
|
||||
version: 2.19.0(@sveltejs/kit@2.5.28(@sveltejs/vite-plugin-svelte@3.1.2(svelte@5.0.0-next.175)(vite@5.4.7(@types/node@20.16.5)(sass@1.79.1)))(svelte@5.0.0-next.175)(vite@5.4.7(@types/node@20.16.5)(sass@1.79.1)))(@types/json-schema@7.0.15)(svelte@5.0.0-next.175)
|
||||
version: 2.19.0(@sveltejs/kit@2.5.28(@sveltejs/vite-plugin-svelte@4.0.0-next.7(svelte@5.0.0-next.175)(vite@5.4.7(@types/node@20.16.5)(sass@1.79.1)))(svelte@5.0.0-next.175)(vite@5.4.7(@types/node@20.16.5)(sass@1.79.1)))(@types/json-schema@7.0.15)(svelte@5.0.0-next.175)
|
||||
tailwindcss:
|
||||
specifier: ^3.4.12
|
||||
version: 3.4.12(ts-node@10.9.2(@types/node@20.16.5)(typescript@5.6.2))
|
||||
|
|
@ -2017,19 +2017,19 @@ packages:
|
|||
svelte: ^4.0.0 || ^5.0.0-next.0
|
||||
vite: ^5.0.3
|
||||
|
||||
'@sveltejs/vite-plugin-svelte-inspector@2.1.0':
|
||||
resolution: {integrity: sha512-9QX28IymvBlSCqsCll5t0kQVxipsfhFFL+L2t3nTWfXnddYwxBuAEtTtlaVQpRz9c37BhJjltSeY4AJSC03SSg==}
|
||||
engines: {node: ^18.0.0 || >=20}
|
||||
'@sveltejs/vite-plugin-svelte-inspector@3.0.0-next.3':
|
||||
resolution: {integrity: sha512-kuGJ2CZ5lAw3gKF8Kw0AfKtUJWbwdlDHY14K413B0MCyrzvQvsKTorwmwZcky0+QqY6RnVIZ/5FttB9bQmkLXg==}
|
||||
engines: {node: ^18.0.0 || ^20.0.0 || >=22}
|
||||
peerDependencies:
|
||||
'@sveltejs/vite-plugin-svelte': ^3.0.0
|
||||
svelte: ^4.0.0 || ^5.0.0-next.0
|
||||
'@sveltejs/vite-plugin-svelte': ^4.0.0-next.0||^4.0.0
|
||||
svelte: ^5.0.0-next.96 || ^5.0.0
|
||||
vite: ^5.0.0
|
||||
|
||||
'@sveltejs/vite-plugin-svelte@3.1.2':
|
||||
resolution: {integrity: sha512-Txsm1tJvtiYeLUVRNqxZGKR/mI+CzuIQuc2gn+YCs9rMTowpNZ2Nqt53JdL8KF9bLhAf2ruR/dr9eZCwdTriRA==}
|
||||
engines: {node: ^18.0.0 || >=20}
|
||||
'@sveltejs/vite-plugin-svelte@4.0.0-next.7':
|
||||
resolution: {integrity: sha512-yMUnAqquoayvBDztk1rWUgdtvjv7YcHgopCAB7sWl9SQht8U/7lqwTlJU0ZTAY09pFFRe6bbakd7YoiyyIvJiA==}
|
||||
engines: {node: ^18.0.0 || ^20.0.0 || >=22}
|
||||
peerDependencies:
|
||||
svelte: ^4.0.0 || ^5.0.0-next.0
|
||||
svelte: ^5.0.0-next.96 || ^5.0.0
|
||||
vite: ^5.0.0
|
||||
|
||||
'@swc/helpers@0.5.13':
|
||||
|
|
@ -4345,12 +4345,6 @@ packages:
|
|||
peerDependencies:
|
||||
svelte: ^4.0.0
|
||||
|
||||
svelte-hmr@0.16.0:
|
||||
resolution: {integrity: sha512-Gyc7cOS3VJzLlfj7wKS0ZnzDVdv3Pn2IuVeJPk9m2skfhcu5bq3wtIZyQGggr7/Iim5rH5cncyQft/kRLupcnA==}
|
||||
engines: {node: ^12.20 || ^14.13.1 || >= 16}
|
||||
peerDependencies:
|
||||
svelte: ^3.19.0 || ^4.0.0
|
||||
|
||||
svelte-keyed@2.0.0:
|
||||
resolution: {integrity: sha512-7TeEn+QbJC2OJrHiuM0T8vMBkms3DNpTE+Ir+NtnVBnBMA78aL4f1ft9t0Hn/pBbD/TnIXi4YfjFRAgtN+DZ5g==}
|
||||
peerDependencies:
|
||||
|
|
@ -4724,8 +4718,8 @@ packages:
|
|||
terser:
|
||||
optional: true
|
||||
|
||||
vitefu@0.2.5:
|
||||
resolution: {integrity: sha512-SgHtMLoqaeeGnd2evZ849ZbACbnwQCIwRH57t18FxcXoZop0uQu0uzlIhJBlF/eWVzuce0sHeqPcDo+evVcg8Q==}
|
||||
vitefu@1.0.2:
|
||||
resolution: {integrity: sha512-0/iAvbXyM3RiPPJ4lyD4w6Mjgtf4ejTK6TPvTNG3H32PLwuT0N/ZjJLiXug7ETE/LWtTeHw9WRv7uX/tIKYyKg==}
|
||||
peerDependencies:
|
||||
vite: ^3.0.0 || ^4.0.0 || ^5.0.0
|
||||
peerDependenciesMeta:
|
||||
|
|
@ -6137,22 +6131,22 @@ snapshots:
|
|||
'@sodaru/yup-to-json-schema@2.0.1':
|
||||
optional: true
|
||||
|
||||
'@sveltejs/adapter-auto@3.2.5(@sveltejs/kit@2.5.28(@sveltejs/vite-plugin-svelte@3.1.2(svelte@5.0.0-next.175)(vite@5.4.7(@types/node@20.16.5)(sass@1.79.1)))(svelte@5.0.0-next.175)(vite@5.4.7(@types/node@20.16.5)(sass@1.79.1)))':
|
||||
'@sveltejs/adapter-auto@3.2.5(@sveltejs/kit@2.5.28(@sveltejs/vite-plugin-svelte@4.0.0-next.7(svelte@5.0.0-next.175)(vite@5.4.7(@types/node@20.16.5)(sass@1.79.1)))(svelte@5.0.0-next.175)(vite@5.4.7(@types/node@20.16.5)(sass@1.79.1)))':
|
||||
dependencies:
|
||||
'@sveltejs/kit': 2.5.28(@sveltejs/vite-plugin-svelte@3.1.2(svelte@5.0.0-next.175)(vite@5.4.7(@types/node@20.16.5)(sass@1.79.1)))(svelte@5.0.0-next.175)(vite@5.4.7(@types/node@20.16.5)(sass@1.79.1))
|
||||
'@sveltejs/kit': 2.5.28(@sveltejs/vite-plugin-svelte@4.0.0-next.7(svelte@5.0.0-next.175)(vite@5.4.7(@types/node@20.16.5)(sass@1.79.1)))(svelte@5.0.0-next.175)(vite@5.4.7(@types/node@20.16.5)(sass@1.79.1))
|
||||
import-meta-resolve: 4.1.0
|
||||
|
||||
'@sveltejs/adapter-node@5.2.4(@sveltejs/kit@2.5.28(@sveltejs/vite-plugin-svelte@3.1.2(svelte@5.0.0-next.175)(vite@5.4.7(@types/node@20.16.5)(sass@1.79.1)))(svelte@5.0.0-next.175)(vite@5.4.7(@types/node@20.16.5)(sass@1.79.1)))':
|
||||
'@sveltejs/adapter-node@5.2.4(@sveltejs/kit@2.5.28(@sveltejs/vite-plugin-svelte@4.0.0-next.7(svelte@5.0.0-next.175)(vite@5.4.7(@types/node@20.16.5)(sass@1.79.1)))(svelte@5.0.0-next.175)(vite@5.4.7(@types/node@20.16.5)(sass@1.79.1)))':
|
||||
dependencies:
|
||||
'@rollup/plugin-commonjs': 26.0.1(rollup@4.21.2)
|
||||
'@rollup/plugin-json': 6.1.0(rollup@4.21.2)
|
||||
'@rollup/plugin-node-resolve': 15.2.3(rollup@4.21.2)
|
||||
'@sveltejs/kit': 2.5.28(@sveltejs/vite-plugin-svelte@3.1.2(svelte@5.0.0-next.175)(vite@5.4.7(@types/node@20.16.5)(sass@1.79.1)))(svelte@5.0.0-next.175)(vite@5.4.7(@types/node@20.16.5)(sass@1.79.1))
|
||||
'@sveltejs/kit': 2.5.28(@sveltejs/vite-plugin-svelte@4.0.0-next.7(svelte@5.0.0-next.175)(vite@5.4.7(@types/node@20.16.5)(sass@1.79.1)))(svelte@5.0.0-next.175)(vite@5.4.7(@types/node@20.16.5)(sass@1.79.1))
|
||||
rollup: 4.21.2
|
||||
|
||||
'@sveltejs/adapter-vercel@5.4.4(@sveltejs/kit@2.5.28(@sveltejs/vite-plugin-svelte@3.1.2(svelte@5.0.0-next.175)(vite@5.4.7(@types/node@20.16.5)(sass@1.79.1)))(svelte@5.0.0-next.175)(vite@5.4.7(@types/node@20.16.5)(sass@1.79.1)))':
|
||||
'@sveltejs/adapter-vercel@5.4.4(@sveltejs/kit@2.5.28(@sveltejs/vite-plugin-svelte@4.0.0-next.7(svelte@5.0.0-next.175)(vite@5.4.7(@types/node@20.16.5)(sass@1.79.1)))(svelte@5.0.0-next.175)(vite@5.4.7(@types/node@20.16.5)(sass@1.79.1)))':
|
||||
dependencies:
|
||||
'@sveltejs/kit': 2.5.28(@sveltejs/vite-plugin-svelte@3.1.2(svelte@5.0.0-next.175)(vite@5.4.7(@types/node@20.16.5)(sass@1.79.1)))(svelte@5.0.0-next.175)(vite@5.4.7(@types/node@20.16.5)(sass@1.79.1))
|
||||
'@sveltejs/kit': 2.5.28(@sveltejs/vite-plugin-svelte@4.0.0-next.7(svelte@5.0.0-next.175)(vite@5.4.7(@types/node@20.16.5)(sass@1.79.1)))(svelte@5.0.0-next.175)(vite@5.4.7(@types/node@20.16.5)(sass@1.79.1))
|
||||
'@vercel/nft': 0.27.4
|
||||
esbuild: 0.21.5
|
||||
transitivePeerDependencies:
|
||||
|
|
@ -6169,9 +6163,9 @@ snapshots:
|
|||
transitivePeerDependencies:
|
||||
- rollup
|
||||
|
||||
'@sveltejs/kit@2.5.28(@sveltejs/vite-plugin-svelte@3.1.2(svelte@5.0.0-next.175)(vite@5.4.7(@types/node@20.16.5)(sass@1.79.1)))(svelte@5.0.0-next.175)(vite@5.4.7(@types/node@20.16.5)(sass@1.79.1))':
|
||||
'@sveltejs/kit@2.5.28(@sveltejs/vite-plugin-svelte@4.0.0-next.7(svelte@5.0.0-next.175)(vite@5.4.7(@types/node@20.16.5)(sass@1.79.1)))(svelte@5.0.0-next.175)(vite@5.4.7(@types/node@20.16.5)(sass@1.79.1))':
|
||||
dependencies:
|
||||
'@sveltejs/vite-plugin-svelte': 3.1.2(svelte@5.0.0-next.175)(vite@5.4.7(@types/node@20.16.5)(sass@1.79.1))
|
||||
'@sveltejs/vite-plugin-svelte': 4.0.0-next.7(svelte@5.0.0-next.175)(vite@5.4.7(@types/node@20.16.5)(sass@1.79.1))
|
||||
'@types/cookie': 0.6.0
|
||||
cookie: 0.6.0
|
||||
devalue: 5.0.0
|
||||
|
|
@ -6187,26 +6181,25 @@ snapshots:
|
|||
tiny-glob: 0.2.9
|
||||
vite: 5.4.7(@types/node@20.16.5)(sass@1.79.1)
|
||||
|
||||
'@sveltejs/vite-plugin-svelte-inspector@2.1.0(@sveltejs/vite-plugin-svelte@3.1.2(svelte@5.0.0-next.175)(vite@5.4.7(@types/node@20.16.5)(sass@1.79.1)))(svelte@5.0.0-next.175)(vite@5.4.7(@types/node@20.16.5)(sass@1.79.1))':
|
||||
'@sveltejs/vite-plugin-svelte-inspector@3.0.0-next.3(@sveltejs/vite-plugin-svelte@4.0.0-next.7(svelte@5.0.0-next.175)(vite@5.4.7(@types/node@20.16.5)(sass@1.79.1)))(svelte@5.0.0-next.175)(vite@5.4.7(@types/node@20.16.5)(sass@1.79.1))':
|
||||
dependencies:
|
||||
'@sveltejs/vite-plugin-svelte': 3.1.2(svelte@5.0.0-next.175)(vite@5.4.7(@types/node@20.16.5)(sass@1.79.1))
|
||||
'@sveltejs/vite-plugin-svelte': 4.0.0-next.7(svelte@5.0.0-next.175)(vite@5.4.7(@types/node@20.16.5)(sass@1.79.1))
|
||||
debug: 4.3.6
|
||||
svelte: 5.0.0-next.175
|
||||
vite: 5.4.7(@types/node@20.16.5)(sass@1.79.1)
|
||||
transitivePeerDependencies:
|
||||
- supports-color
|
||||
|
||||
'@sveltejs/vite-plugin-svelte@3.1.2(svelte@5.0.0-next.175)(vite@5.4.7(@types/node@20.16.5)(sass@1.79.1))':
|
||||
'@sveltejs/vite-plugin-svelte@4.0.0-next.7(svelte@5.0.0-next.175)(vite@5.4.7(@types/node@20.16.5)(sass@1.79.1))':
|
||||
dependencies:
|
||||
'@sveltejs/vite-plugin-svelte-inspector': 2.1.0(@sveltejs/vite-plugin-svelte@3.1.2(svelte@5.0.0-next.175)(vite@5.4.7(@types/node@20.16.5)(sass@1.79.1)))(svelte@5.0.0-next.175)(vite@5.4.7(@types/node@20.16.5)(sass@1.79.1))
|
||||
'@sveltejs/vite-plugin-svelte-inspector': 3.0.0-next.3(@sveltejs/vite-plugin-svelte@4.0.0-next.7(svelte@5.0.0-next.175)(vite@5.4.7(@types/node@20.16.5)(sass@1.79.1)))(svelte@5.0.0-next.175)(vite@5.4.7(@types/node@20.16.5)(sass@1.79.1))
|
||||
debug: 4.3.6
|
||||
deepmerge: 4.3.1
|
||||
kleur: 4.1.5
|
||||
magic-string: 0.30.11
|
||||
svelte: 5.0.0-next.175
|
||||
svelte-hmr: 0.16.0(svelte@5.0.0-next.175)
|
||||
vite: 5.4.7(@types/node@20.16.5)(sass@1.79.1)
|
||||
vitefu: 0.2.5(vite@5.4.7(@types/node@20.16.5)(sass@1.79.1))
|
||||
vitefu: 1.0.2(vite@5.4.7(@types/node@20.16.5)(sass@1.79.1))
|
||||
transitivePeerDependencies:
|
||||
- supports-color
|
||||
|
||||
|
|
@ -7253,11 +7246,11 @@ snapshots:
|
|||
cross-spawn: 7.0.3
|
||||
signal-exit: 4.1.0
|
||||
|
||||
formsnap@1.0.1(svelte@5.0.0-next.175)(sveltekit-superforms@2.19.0(@sveltejs/kit@2.5.28(@sveltejs/vite-plugin-svelte@3.1.2(svelte@5.0.0-next.175)(vite@5.4.7(@types/node@20.16.5)(sass@1.79.1)))(svelte@5.0.0-next.175)(vite@5.4.7(@types/node@20.16.5)(sass@1.79.1)))(@types/json-schema@7.0.15)(svelte@5.0.0-next.175)):
|
||||
formsnap@1.0.1(svelte@5.0.0-next.175)(sveltekit-superforms@2.19.0(@sveltejs/kit@2.5.28(@sveltejs/vite-plugin-svelte@4.0.0-next.7(svelte@5.0.0-next.175)(vite@5.4.7(@types/node@20.16.5)(sass@1.79.1)))(svelte@5.0.0-next.175)(vite@5.4.7(@types/node@20.16.5)(sass@1.79.1)))(@types/json-schema@7.0.15)(svelte@5.0.0-next.175)):
|
||||
dependencies:
|
||||
nanoid: 5.0.7
|
||||
svelte: 5.0.0-next.175
|
||||
sveltekit-superforms: 2.19.0(@sveltejs/kit@2.5.28(@sveltejs/vite-plugin-svelte@3.1.2(svelte@5.0.0-next.175)(vite@5.4.7(@types/node@20.16.5)(sass@1.79.1)))(svelte@5.0.0-next.175)(vite@5.4.7(@types/node@20.16.5)(sass@1.79.1)))(@types/json-schema@7.0.15)(svelte@5.0.0-next.175)
|
||||
sveltekit-superforms: 2.19.0(@sveltejs/kit@2.5.28(@sveltejs/vite-plugin-svelte@4.0.0-next.7(svelte@5.0.0-next.175)(vite@5.4.7(@types/node@20.16.5)(sass@1.79.1)))(svelte@5.0.0-next.175)(vite@5.4.7(@types/node@20.16.5)(sass@1.79.1)))(@types/json-schema@7.0.15)(svelte@5.0.0-next.175)
|
||||
|
||||
forwarded@0.2.0: {}
|
||||
|
||||
|
|
@ -8667,10 +8660,6 @@ snapshots:
|
|||
svelte-render: 2.0.1(svelte@5.0.0-next.175)
|
||||
svelte-subscribe: 2.0.1(svelte@5.0.0-next.175)
|
||||
|
||||
svelte-hmr@0.16.0(svelte@5.0.0-next.175):
|
||||
dependencies:
|
||||
svelte: 5.0.0-next.175
|
||||
|
||||
svelte-keyed@2.0.0(svelte@5.0.0-next.175):
|
||||
dependencies:
|
||||
svelte: 5.0.0-next.175
|
||||
|
|
@ -8762,14 +8751,14 @@ snapshots:
|
|||
magic-string: 0.30.11
|
||||
zimmerframe: 1.1.2
|
||||
|
||||
sveltekit-flash-message@2.4.4(@sveltejs/kit@2.5.28(@sveltejs/vite-plugin-svelte@3.1.2(svelte@5.0.0-next.175)(vite@5.4.7(@types/node@20.16.5)(sass@1.79.1)))(svelte@5.0.0-next.175)(vite@5.4.7(@types/node@20.16.5)(sass@1.79.1)))(svelte@5.0.0-next.175):
|
||||
sveltekit-flash-message@2.4.4(@sveltejs/kit@2.5.28(@sveltejs/vite-plugin-svelte@4.0.0-next.7(svelte@5.0.0-next.175)(vite@5.4.7(@types/node@20.16.5)(sass@1.79.1)))(svelte@5.0.0-next.175)(vite@5.4.7(@types/node@20.16.5)(sass@1.79.1)))(svelte@5.0.0-next.175):
|
||||
dependencies:
|
||||
'@sveltejs/kit': 2.5.28(@sveltejs/vite-plugin-svelte@3.1.2(svelte@5.0.0-next.175)(vite@5.4.7(@types/node@20.16.5)(sass@1.79.1)))(svelte@5.0.0-next.175)(vite@5.4.7(@types/node@20.16.5)(sass@1.79.1))
|
||||
'@sveltejs/kit': 2.5.28(@sveltejs/vite-plugin-svelte@4.0.0-next.7(svelte@5.0.0-next.175)(vite@5.4.7(@types/node@20.16.5)(sass@1.79.1)))(svelte@5.0.0-next.175)(vite@5.4.7(@types/node@20.16.5)(sass@1.79.1))
|
||||
svelte: 5.0.0-next.175
|
||||
|
||||
sveltekit-superforms@2.19.0(@sveltejs/kit@2.5.28(@sveltejs/vite-plugin-svelte@3.1.2(svelte@5.0.0-next.175)(vite@5.4.7(@types/node@20.16.5)(sass@1.79.1)))(svelte@5.0.0-next.175)(vite@5.4.7(@types/node@20.16.5)(sass@1.79.1)))(@types/json-schema@7.0.15)(svelte@5.0.0-next.175):
|
||||
sveltekit-superforms@2.19.0(@sveltejs/kit@2.5.28(@sveltejs/vite-plugin-svelte@4.0.0-next.7(svelte@5.0.0-next.175)(vite@5.4.7(@types/node@20.16.5)(sass@1.79.1)))(svelte@5.0.0-next.175)(vite@5.4.7(@types/node@20.16.5)(sass@1.79.1)))(@types/json-schema@7.0.15)(svelte@5.0.0-next.175):
|
||||
dependencies:
|
||||
'@sveltejs/kit': 2.5.28(@sveltejs/vite-plugin-svelte@3.1.2(svelte@5.0.0-next.175)(vite@5.4.7(@types/node@20.16.5)(sass@1.79.1)))(svelte@5.0.0-next.175)(vite@5.4.7(@types/node@20.16.5)(sass@1.79.1))
|
||||
'@sveltejs/kit': 2.5.28(@sveltejs/vite-plugin-svelte@4.0.0-next.7(svelte@5.0.0-next.175)(vite@5.4.7(@types/node@20.16.5)(sass@1.79.1)))(svelte@5.0.0-next.175)(vite@5.4.7(@types/node@20.16.5)(sass@1.79.1))
|
||||
devalue: 5.0.0
|
||||
just-clone: 6.2.0
|
||||
memoize-weak: 1.0.2
|
||||
|
|
@ -9023,7 +9012,7 @@ snapshots:
|
|||
fsevents: 2.3.3
|
||||
sass: 1.79.1
|
||||
|
||||
vitefu@0.2.5(vite@5.4.7(@types/node@20.16.5)(sass@1.79.1)):
|
||||
vitefu@1.0.2(vite@5.4.7(@types/node@20.16.5)(sass@1.79.1)):
|
||||
optionalDependencies:
|
||||
vite: 5.4.7(@types/node@20.16.5)(sass@1.79.1)
|
||||
|
||||
|
|
|
|||
|
|
@ -1,9 +1,8 @@
|
|||
import * as schema from '$lib/server/api/databases/tables'
|
||||
import type { db } from '$lib/server/api/packages/drizzle'
|
||||
import { eq } from 'drizzle-orm'
|
||||
import { Argon2id } from 'oslo/password'
|
||||
import { config } from '../../common/config'
|
||||
import users from './data/users.json'
|
||||
import { HashingService } from '../../services/hashing.service'
|
||||
|
||||
type JsonRole = {
|
||||
name: string
|
||||
|
|
@ -11,6 +10,7 @@ type JsonRole = {
|
|||
}
|
||||
|
||||
export default async function seed(db: db) {
|
||||
const hashingService = new HashingService()
|
||||
const adminRole = await db.select().from(schema.rolesTable).where(eq(schema.rolesTable.name, 'admin'))
|
||||
const userRole = await db.select().from(schema.rolesTable).where(eq(schema.rolesTable.name, 'user'))
|
||||
|
||||
|
|
@ -32,7 +32,7 @@ export default async function seed(db: db) {
|
|||
await db.insert(schema.credentialsTable).values({
|
||||
user_id: adminUser[0].id,
|
||||
type: schema.CredentialsType.PASSWORD,
|
||||
secret_data: await new Argon2id().hash(`${process.env.ADMIN_PASSWORD}`),
|
||||
secret_data: await hashingService.hash(`${process.env.ADMIN_PASSWORD}`),
|
||||
})
|
||||
|
||||
await db.insert(schema.collections).values({ user_id: adminUser[0].id }).onConflictDoNothing()
|
||||
|
|
@ -60,6 +60,7 @@ export default async function seed(db: db) {
|
|||
.onConflictDoNothing()
|
||||
|
||||
console.log('Admin user given user role.')
|
||||
const hasingService = new HashingService()
|
||||
await Promise.all(
|
||||
users.map(async (user) => {
|
||||
const [insertedUser] = await db
|
||||
|
|
@ -71,7 +72,7 @@ export default async function seed(db: db) {
|
|||
await db.insert(schema.credentialsTable).values({
|
||||
user_id: insertedUser?.id,
|
||||
type: schema.CredentialsType.PASSWORD,
|
||||
secret_data: await new Argon2id().hash(user.password),
|
||||
secret_data: await hasingService.hash(user.password),
|
||||
})
|
||||
await db.insert(schema.collections).values({ user_id: insertedUser?.id })
|
||||
await db.insert(schema.wishlistsTable).values({ user_id: insertedUser?.id })
|
||||
|
|
|
|||
|
|
@ -1,10 +0,0 @@
|
|||
import { Argon2id } from "oslo/password";
|
||||
|
||||
export async function hash(value: string) {
|
||||
const argon2 = new Argon2id()
|
||||
return argon2.hash(value);
|
||||
}
|
||||
|
||||
export function verify(hashedValue: string, value: string) {
|
||||
return new Argon2id().verify(hashedValue, value);
|
||||
}
|
||||
|
|
@ -7,7 +7,7 @@ import { type Disposable, injectable } from 'tsyringe'
|
|||
@injectable()
|
||||
export class DrizzleService implements Disposable {
|
||||
protected readonly pool: pg.Pool
|
||||
readonly db: NodePgDatabase<typeof schema>
|
||||
db: NodePgDatabase<typeof schema>
|
||||
readonly schema: typeof schema = schema
|
||||
|
||||
constructor() {
|
||||
|
|
|
|||
|
|
@ -1,34 +1,51 @@
|
|||
import { injectable } from "tsyringe";
|
||||
import { Argon2id } from "oslo/password";
|
||||
import { scrypt } from 'node:crypto'
|
||||
import { decodeHex, encodeHexLowerCase } from '@oslojs/encoding'
|
||||
import { constantTimeEqual } from '@oslojs/crypto/subtle'
|
||||
import { injectable } from 'tsyringe'
|
||||
|
||||
/* ---------------------------------- Note ---------------------------------- */
|
||||
/*
|
||||
Reference: https://cheatsheetseries.owasp.org/cheatsheets/Password_Storage_Cheat_Sheet.html#argon2id
|
||||
|
||||
I use Scrpt as the hashing algorithm due to its higher compatability
|
||||
with vite's build system and it uses less memory than Argon2id.
|
||||
|
||||
You can use Argon2id or any other hashing algorithm you prefer.
|
||||
*/
|
||||
/* -------------------------------------------------------------------------- */
|
||||
/*
|
||||
With Argon2id, you get the following error at times when vite optimizes its dependencies at times,
|
||||
|
||||
Error: Build failed with 2 errors:
|
||||
node_modules/.pnpm/@node-rs+argon2@1.7.0/node_modules/@node-rs/argon2/index.js:159:36: ERROR: No loader is configured for ".node" files: node_module
|
||||
*/
|
||||
/* -------------------------------------------------------------------------- */
|
||||
// If you don't use a hasher from oslo, which are preconfigured with recommended parameters from OWASP,
|
||||
// ensure that you configure them properly.
|
||||
@injectable()
|
||||
export class HashingService {
|
||||
private readonly hasher = new Argon2id();
|
||||
private N: number
|
||||
private r: number
|
||||
private p: number
|
||||
private dkLen: number
|
||||
|
||||
async hash(data: string) {
|
||||
return this.hasher.hash(data);
|
||||
}
|
||||
constructor() {
|
||||
this.N = 16384
|
||||
this.r = 16
|
||||
this.p = 1
|
||||
this.dkLen = 64
|
||||
}
|
||||
async hash(password: string) {
|
||||
const salt = encodeHexLowerCase(crypto.getRandomValues(new Uint8Array(16)))
|
||||
const key = await this.generateKey(password, salt)
|
||||
return `${salt}:${encodeHexLowerCase(key)}`
|
||||
}
|
||||
|
||||
async verify(hash: string, data: string) {
|
||||
return this.hasher.verify(hash, data)
|
||||
}
|
||||
async verify(hash: string, password: string) {
|
||||
const [salt, key] = hash.split(':')
|
||||
const targetKey = await this.generateKey(password, salt)
|
||||
return constantTimeEqual(targetKey, decodeHex(key))
|
||||
}
|
||||
|
||||
async generateKey(password: string, salt: string): Promise<Buffer> {
|
||||
return await new Promise((resolve, reject) => {
|
||||
scrypt(
|
||||
password.normalize('NFKC'),
|
||||
salt,
|
||||
this.dkLen,
|
||||
{
|
||||
N: this.N,
|
||||
p: this.p,
|
||||
r: this.r,
|
||||
// errors when 128 * N * r > `maxmem` (approximately)
|
||||
maxmem: 128 * this.N * this.r * 2,
|
||||
},
|
||||
(err, buff) => {
|
||||
if (err) return reject(err)
|
||||
return resolve(buff)
|
||||
},
|
||||
)
|
||||
})
|
||||
}
|
||||
}
|
||||
|
|
@ -1,12 +1,15 @@
|
|||
import 'reflect-metadata'
|
||||
import { RecoveryCodesRepository } from '$lib/server/api/repositories/recovery-codes.repository'
|
||||
import { alphabet, generateRandomString } from 'oslo/crypto'
|
||||
import { Argon2id } from 'oslo/password'
|
||||
import { inject, injectable } from 'tsyringe'
|
||||
import { HashingService } from './hashing.service'
|
||||
|
||||
@injectable()
|
||||
export class RecoveryCodesService {
|
||||
constructor(@inject(RecoveryCodesRepository) private readonly recoveryCodesRepository: RecoveryCodesRepository) {}
|
||||
constructor(
|
||||
@inject(HashingService) private readonly hashingService: HashingService,
|
||||
@inject(RecoveryCodesRepository) private readonly recoveryCodesRepository: RecoveryCodesRepository
|
||||
) {}
|
||||
|
||||
async findAllRecoveryCodesByUserId(userId: string) {
|
||||
return this.recoveryCodesRepository.findAllByUserId(userId)
|
||||
|
|
@ -16,7 +19,7 @@ export class RecoveryCodesService {
|
|||
const createdRecoveryCodes = Array.from({ length: 5 }, () => generateRandomString(10, alphabet('A-Z', '0-9')))
|
||||
if (createdRecoveryCodes && userId) {
|
||||
for (const code of createdRecoveryCodes) {
|
||||
const hashedCode = await new Argon2id().hash(code)
|
||||
const hashedCode = await this.hashingService.hash(code)
|
||||
console.log('Inserting recovery code', code, hashedCode)
|
||||
await this.recoveryCodesRepository.create({ userId, code: hashedCode })
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,5 +1,4 @@
|
|||
import 'reflect-metadata'
|
||||
import { Argon2id } from 'oslo/password'
|
||||
import { container } from 'tsyringe'
|
||||
import { afterAll, beforeAll, describe, expect, expectTypeOf, it, vi } from 'vitest'
|
||||
import { HashingService } from '../services/hashing.service'
|
||||
|
|
@ -19,7 +18,7 @@ describe('TokensService', () => {
|
|||
|
||||
describe('Generate Token', () => {
|
||||
it('should resolve', async () => {
|
||||
const hashedPassword = await new Argon2id().hash('111')
|
||||
const hashedPassword = 'testhash'
|
||||
hashingService.hash = vi.fn().mockResolvedValue(hashedPassword)
|
||||
const spy_hashingService_hash = vi.spyOn(hashingService, 'hash')
|
||||
const spy_hashingService_verify = vi.spyOn(hashingService, 'verify')
|
||||
|
|
@ -28,7 +27,7 @@ describe('TokensService', () => {
|
|||
expect(spy_hashingService_verify).toBeCalledTimes(0)
|
||||
})
|
||||
it('should generate a token that is verifiable', async () => {
|
||||
hashingService.hash = vi.fn().mockResolvedValue(await new Argon2id().hash('111'))
|
||||
hashingService.hash = vi.fn().mockResolvedValue('testhash')
|
||||
hashingService.verify = vi.fn().mockResolvedValue(true)
|
||||
const spy_hashingService_hash = vi.spyOn(hashingService, 'hash')
|
||||
const spy_hashingService_verify = vi.spyOn(hashingService, 'verify')
|
||||
|
|
|
|||
|
|
@ -1,12 +1,12 @@
|
|||
import 'reflect-metadata'
|
||||
import { CredentialsType } from '$lib/server/api/databases/tables'
|
||||
import { faker } from '@faker-js/faker'
|
||||
import { Argon2id } from 'oslo/password'
|
||||
import { container } from 'tsyringe'
|
||||
import { afterAll, beforeAll, describe, expect, it, vi } from 'vitest'
|
||||
import { CredentialsRepository } from '../repositories/credentials.repository'
|
||||
import { UsersRepository } from '../repositories/users.repository'
|
||||
import { CollectionsService } from '../services/collections.service'
|
||||
import { DrizzleService } from '../services/drizzle.service'
|
||||
import { TokensService } from '../services/tokens.service'
|
||||
import { UserRolesService } from '../services/user_roles.service'
|
||||
import { UsersService } from '../services/users.service'
|
||||
|
|
@ -15,21 +15,44 @@ import { WishlistsService } from '../services/wishlists.service'
|
|||
describe('UsersService', () => {
|
||||
let service: UsersService
|
||||
const credentialsRepository = vi.mocked(CredentialsRepository.prototype)
|
||||
const drizzleService = vi.mocked(DrizzleService.prototype, { deep: true })
|
||||
const tokensService = vi.mocked(TokensService.prototype)
|
||||
const usersRepository = vi.mocked(UsersRepository.prototype)
|
||||
const userRolesService = vi.mocked(UserRolesService.prototype)
|
||||
const wishlistsService = vi.mocked(WishlistsService.prototype)
|
||||
const collectionsService = vi.mocked(CollectionsService.prototype)
|
||||
|
||||
// Mocking the dependencies
|
||||
vi.mock('pg', () => ({
|
||||
Pool: vi.fn().mockImplementation(() => ({
|
||||
connect: vi.fn(),
|
||||
end: vi.fn(),
|
||||
})),
|
||||
}))
|
||||
|
||||
vi.mock('drizzle-orm/node-postgres', () => ({
|
||||
drizzle: vi.fn().mockImplementation(() => ({
|
||||
transaction: vi.fn().mockImplementation((callback) => callback()),
|
||||
// Add other methods you need to mock
|
||||
})),
|
||||
}))
|
||||
|
||||
beforeAll(() => {
|
||||
service = container
|
||||
.register<CredentialsRepository>(CredentialsRepository, { useValue: credentialsRepository })
|
||||
.register<DrizzleService>(DrizzleService, { useValue: drizzleService })
|
||||
.register<TokensService>(TokensService, { useValue: tokensService })
|
||||
.register<UsersRepository>(UsersRepository, { useValue: usersRepository })
|
||||
.register<UserRolesService>(UserRolesService, { useValue: userRolesService })
|
||||
.register<WishlistsService>(WishlistsService, { useValue: wishlistsService })
|
||||
.register<CollectionsService>(CollectionsService, { useValue: collectionsService })
|
||||
.resolve(UsersService)
|
||||
|
||||
drizzleService.db = {
|
||||
transaction: vi.fn().mockImplementation(async (callback) => {
|
||||
return await callback()
|
||||
}),
|
||||
} as any
|
||||
})
|
||||
|
||||
afterAll(() => {
|
||||
|
|
@ -62,8 +85,11 @@ describe('UsersService', () => {
|
|||
|
||||
describe('Create User', () => {
|
||||
it('should resolve', async () => {
|
||||
const hashedPassword = new Argon2id().hash('111')
|
||||
const hashedPassword = 'testhash'
|
||||
tokensService.createHashedToken = vi.fn().mockResolvedValue(hashedPassword)
|
||||
// drizzleService.db = {
|
||||
// transaction: vi.fn().mockResolvedValue(dbUser satisfies Awaited<ReturnType<typeof drizzleService.db.transaction>>),
|
||||
// }
|
||||
usersRepository.create = vi.fn().mockResolvedValue(dbUser satisfies Awaited<ReturnType<typeof usersRepository.create>>)
|
||||
credentialsRepository.create = vi.fn().mockResolvedValue(dbCredentials satisfies Awaited<ReturnType<typeof credentialsRepository.create>>)
|
||||
userRolesService.addRoleToUser = vi.fn().mockResolvedValue(undefined)
|
||||
|
|
@ -96,7 +122,7 @@ describe('UsersService', () => {
|
|||
})
|
||||
describe('Update User', () => {
|
||||
it('should resolve Password Exiting Credentials', async () => {
|
||||
const hashedPassword = new Argon2id().hash('111')
|
||||
const hashedPassword = 'testhash'
|
||||
tokensService.createHashedToken = vi.fn().mockResolvedValue(hashedPassword)
|
||||
credentialsRepository.update = vi.fn().mockResolvedValue(dbCredentials satisfies Awaited<ReturnType<typeof credentialsRepository.update>>)
|
||||
credentialsRepository.findPasswordCredentialsByUserId = vi
|
||||
|
|
@ -112,7 +138,7 @@ describe('UsersService', () => {
|
|||
expect(spy_credentialsRepository_update).toBeCalledTimes(1)
|
||||
})
|
||||
it('Should Create User Password No Existing Credentials', async () => {
|
||||
const hashedPassword = new Argon2id().hash('111')
|
||||
const hashedPassword = 'testhash'
|
||||
tokensService.createHashedToken = vi.fn().mockResolvedValue(hashedPassword)
|
||||
credentialsRepository.findPasswordCredentialsByUserId = vi.fn().mockResolvedValue(null)
|
||||
credentialsRepository.create = vi.fn().mockResolvedValue(dbCredentials satisfies Awaited<ReturnType<typeof credentialsRepository.create>>)
|
||||
|
|
|
|||
|
|
@ -4,8 +4,7 @@ import { twoFactorTable, usersTable } from '$lib/server/api/databases/tables'
|
|||
import { db } from '$lib/server/api/packages/drizzle'
|
||||
import { recoveryCodeSchema, totpSchema } from '$lib/validations/auth'
|
||||
import { type Actions, fail } from '@sveltejs/kit'
|
||||
import { and, eq } from 'drizzle-orm'
|
||||
import { Argon2id } from 'oslo/password'
|
||||
import { eq } from 'drizzle-orm'
|
||||
import { redirect } from 'sveltekit-flash-message/server'
|
||||
import { zod } from 'sveltekit-superforms/adapters'
|
||||
import { superValidate } from 'sveltekit-superforms/server'
|
||||
|
|
@ -268,21 +267,21 @@ function totpTimeElapsed(initiatedTime: Date) {
|
|||
return false
|
||||
}
|
||||
|
||||
async function checkRecoveryCode(recoveryCode: string, userId: string) {
|
||||
const userRecoveryCodes = await db.query.recoveryCodesTable.findMany({
|
||||
where: and(eq(recoveryCodesTable.used, false), eq(recoveryCodesTable.userId, userId)),
|
||||
})
|
||||
for (const code of userRecoveryCodes) {
|
||||
const validRecoveryCode = await new Argon2id().verify(code.code, recoveryCode)
|
||||
if (validRecoveryCode) {
|
||||
await db
|
||||
.update(recoveryCodesTable)
|
||||
.set({
|
||||
used: true,
|
||||
})
|
||||
.where(eq(recoveryCodesTable.id, code.id))
|
||||
return true
|
||||
}
|
||||
}
|
||||
return false
|
||||
}
|
||||
// async function checkRecoveryCode(recoveryCode: string, userId: string) {
|
||||
// const userRecoveryCodes = await db.query.recoveryCodesTable.findMany({
|
||||
// where: and(eq(recoveryCodesTable.used, false), eq(recoveryCodesTable.userId, userId)),
|
||||
// })
|
||||
// for (const code of userRecoveryCodes) {
|
||||
// const validRecoveryCode = await new Argon2id().verify(code.code, recoveryCode)
|
||||
// if (validRecoveryCode) {
|
||||
// await db
|
||||
// .update(recoveryCodesTable)
|
||||
// .set({
|
||||
// used: true,
|
||||
// })
|
||||
// .where(eq(recoveryCodesTable.id, code.id))
|
||||
// return true
|
||||
// }
|
||||
// }
|
||||
// return false
|
||||
// }
|
||||
|
|
|
|||
Loading…
Reference in a new issue