Fixing persistence of passwords #8
Open
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Adding fix suggested by: @solvisit in issue: SenseTecnic#1 This closes SenseTecnic/issues/1
Following setup guide from first-node guide
Need to add in error handling for messages (see section at the beginning, remember to use locals for language support) Need to add in logic, identify functions to use
Connected the User Credential Manager Node to access the user account objects. Do note that the passwords are stored as a hash, so they are not able to be displayed; however, this gives us the access we need to enable overwriting of the passwords and the creation of new accounts.
The locales/en-US/users_manager.json may not be included properly
commit 1d3ef52 Author: Linux User <[email protected]> Date: Tue Apr 23 21:10:26 2019 +0000 Defining procedure for handling messages The locales/en-US/users_manager.json may not be included properly commit 601dc5c Author: Linux User <[email protected]> Date: Tue Apr 23 19:51:18 2019 +0000 Connecting the User Credential Manager Node Connected the User Credential Manager Node to access the user account objects. Do note that the passwords are stored as a hash, so they are not able to be displayed; however, this gives us the access we need to enable overwriting of the passwords and the creation of new accounts. commit ee377f6 Author: Linux User <[email protected]> Date: Tue Apr 23 17:06:15 2019 +0000 Starting on making custom node Need to add in error handling for messages (see section at the beginning, remember to use locals for language support) Need to add in logic, identify functions to use
Exposed existing getUser() Exposed hash() Added addUser() Added getUserExistance() Added getUserAccount() Also added the following, one of which breaks something: Added updateUser() Added deleteUser()
commit 4926852 Author: Linux User <[email protected]> Date: Wed Apr 24 15:52:28 2019 +0000 Modifying to expose get and add user functions Exposed existing getUser() Exposed hash() Added addUser() Added getUserExistance() Added getUserAccount() Also added the following, one of which breaks something: Added updateUser() Added deleteUser() commit 1d3ef52 Author: Linux User <[email protected]> Date: Tue Apr 23 21:10:26 2019 +0000 Defining procedure for handling messages The locales/en-US/users_manager.json may not be included properly commit 601dc5c Author: Linux User <[email protected]> Date: Tue Apr 23 19:51:18 2019 +0000 Connecting the User Credential Manager Node Connected the User Credential Manager Node to access the user account objects. Do note that the passwords are stored as a hash, so they are not able to be displayed; however, this gives us the access we need to enable overwriting of the passwords and the creation of new accounts. commit ee377f6 Author: Linux User <[email protected]> Date: Tue Apr 23 17:06:15 2019 +0000 Starting on making custom node Need to add in error handling for messages (see section at the beginning, remember to use locals for language support) Need to add in logic, identify functions to use
Merging in development changes
Fixed issue with checking for user existance Fixed issue with createUser not properly checking for if a user already exists Added in method to delete users
Documentation needs to be updated Update/uncomment checkedRequiredFields in nodes/users_manager.js Does not signout users if their credentials have been deleted (only prevents reauthentication)
5 creating user from flow
|
Thank you for the PR, sorry for the extreme delay in this reply. I see a lot of changes in PR that don't seem to be relevant to the fix itself. Is it possible to reduce this PR to the core of the fix? |
This is in response to a GutHub Security advisory involving bcrypt (GHSA-5wg4-74h6-q47v) and has not been tested.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Adding fix suggested by: @solvisit in issue: #1
This closes /issues/1