From 641222f02b31d9c839b6cbcd07004ea1e701b568 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E0=A4=95=E0=A4=BE=E0=A4=B0=E0=A4=A4=E0=A5=8B=E0=A4=AB?= =?UTF-8?q?=E0=A5=8D=E0=A4=AB=E0=A5=87=E0=A4=B2=E0=A4=B8=E0=A5=8D=E0=A4=95?= =?UTF-8?q?=E0=A5=8D=E0=A4=B0=E0=A4=BF=E0=A4=AA=E0=A5=8D=E0=A4=9F=E2=84=A2?= Date: Wed, 7 Feb 2024 11:36:48 +0100 Subject: [PATCH 1/3] ci: Speed up some of the cli tests by skipping calls to bcrypt hash (no-changelog) --- packages/cli/test/integration/ldap/ldap.api.test.ts | 2 +- packages/cli/test/integration/shared/db/users.ts | 7 +++++-- 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/packages/cli/test/integration/ldap/ldap.api.test.ts b/packages/cli/test/integration/ldap/ldap.api.test.ts index 5969fa4b7f327..d60e51595659d 100644 --- a/packages/cli/test/integration/ldap/ldap.api.test.ts +++ b/packages/cli/test/integration/ldap/ldap.api.test.ts @@ -47,7 +47,7 @@ const testServer = utils.setupTestServer({ }); beforeAll(async () => { - owner = await createUser({ role: 'global:owner', password: 'password' }); + owner = await createUser({ role: 'global:owner' }); authOwnerAgent = testServer.authAgentFor(owner); defaultLdapConfig.bindingAdminPassword = Container.get(Cipher).encrypt( diff --git a/packages/cli/test/integration/shared/db/users.ts b/packages/cli/test/integration/shared/db/users.ts index 27defb218467d..ec8d07a96f71d 100644 --- a/packages/cli/test/integration/shared/db/users.ts +++ b/packages/cli/test/integration/shared/db/users.ts @@ -9,6 +9,9 @@ import { MfaService } from '@/Mfa/mfa.service'; import { randomApiKey, randomEmail, randomName, randomValidPassword } from '../random'; +// pre-computed bcrypt hash for the string 'password', using `await hash('password', 10)` +const passwordHash = '$2a$10$njedH7S6V5898mj6p0Jr..IGY9Ms.qNwR7RbSzzX9yubJocKfvGGK'; + /** * Store a user in the DB, defaulting to a `member`. */ 
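Review bot: The `passwordHash` fixture added in users.ts is tied to its plaintext only by the comment above it, and it is a cost-10 hash (`$2a$10$`), so every login that verifies a default user still pays a full cost-10 bcrypt compare. If the goal is faster tests, a precomputed hash at bcrypt's minimum cost would remove that cost as well. Exporting the plaintext next to the hash, e.g. `export const DEFAULT_TEST_PASSWORD = 'password';`, would let tests reference it instead of repeating the literal; the ldap.api.test.ts hunk now depends on this default implicitly. A comment such as `// test fixtures only: every user created without a password shares this known credential` would make the scope explicit.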
@@ -16,7 +19,7 @@ export async function createUser(attributes: Partial = {}): Promise const { email, password, firstName, lastName, role, ...rest } = attributes; const user = Container.get(UserRepository).create({ email: email ?? randomEmail(), - password: await hash(password ?? randomValidPassword(), 10), + password: password ? await hash(password, 10) : passwordHash, firstName: firstName ?? randomName(), lastName: lastName ?? randomName(), role: role ?? 'global:member', @@ -101,7 +104,7 @@ export async function createManyUsers( [...Array(amount)].map(async () => Container.get(UserRepository).create({ email: email ?? randomEmail(), - password: await hash(password ?? randomValidPassword(), 10), + password: password ? await hash(password, 10) : passwordHash, firstName: firstName ?? randomName(), lastName: lastName ?? randomName(), role: role ?? 'global:member', From 9fb265ae00ffdcf3ecc474c8616aeedbfbeef355 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E0=A4=95=E0=A4=BE=E0=A4=B0=E0=A4=A4=E0=A5=8B=E0=A4=AB?= =?UTF-8?q?=E0=A5=8D=E0=A4=AB=E0=A5=87=E0=A4=B2=E0=A4=B8=E0=A5=8D=E0=A4=95?= =?UTF-8?q?=E0=A5=8D=E0=A4=B0=E0=A4=BF=E0=A4=AA=E0=A5=8D=E0=A4=9F=E2=84=A2?= Date: Wed, 7 Feb 2024 11:37:11 +0100 Subject: [PATCH 2/3] hash only one round in tests --- packages/cli/test/integration/shared/db/users.ts | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/packages/cli/test/integration/shared/db/users.ts b/packages/cli/test/integration/shared/db/users.ts index ec8d07a96f71d..2ee01524bfecd 100644 --- a/packages/cli/test/integration/shared/db/users.ts +++ b/packages/cli/test/integration/shared/db/users.ts 
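Review bot: `password ? await hash(password, 10) : passwordHash` in createUser replaces `??` with a truthiness test, so an explicit empty-string password is no longer hashed and silently becomes the shared 'password' fixture; the same line in createManyUsers has the same issue. `password != null ? await hash(password, 10) : passwordHash` keeps the old fallback for null and undefined only. Users created without a password also change from a random, unknown password to one well-known credential, so any test that expects a login to fail for such a user should now pass a password explicitly. Both function bodies continue outside their hunks, and `randomValidPassword` may now be unused in this file, which the visible lines cannot confirm.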
@@ -19,7 +19,7 @@ export async function createUser(attributes: Partial = {}): Promise const { email, password, firstName, lastName, role, ...rest } = attributes; const user = Container.get(UserRepository).create({ email: email ?? randomEmail(), - password: password ? await hash(password, 10) : passwordHash, + password: password ? await hash(password, 1) : passwordHash, firstName: firstName ?? randomName(), lastName: lastName ?? randomName(), role: role ?? 'global:member', @@ -104,7 +104,7 @@ export async function createManyUsers( [...Array(amount)].map(async () => Container.get(UserRepository).create({ email: email ?? randomEmail(), - password: password ? await hash(password, 10) : passwordHash, + password: password ? await hash(password, 1) : passwordHash, firstName: firstName ?? randomName(), lastName: lastName ?? randomName(), role: role ?? 'global:member', From 20552a8d94eed84edfcaf7d23c74490d057930e7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E0=A4=95=E0=A4=BE=E0=A4=B0=E0=A4=A4=E0=A5=8B=E0=A4=AB?= =?UTF-8?q?=E0=A5=8D=E0=A4=AB=E0=A5=87=E0=A4=B2=E0=A4=B8=E0=A5=8D=E0=A4=95?= =?UTF-8?q?=E0=A5=8D=E0=A4=B0=E0=A4=BF=E0=A4=AA=E0=A5=8D=E0=A4=9F=E2=84=A2?= Date: Wed, 7 Feb 2024 11:38:50 +0100 Subject: [PATCH 3/3] use implicit salt generation in PasswordUtility --- packages/cli/src/services/password.utility.ts | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/packages/cli/src/services/password.utility.ts b/packages/cli/src/services/password.utility.ts index 314a3fef71b4c..8c8c3aaf1964c 100644 --- a/packages/cli/src/services/password.utility.ts +++ b/packages/cli/src/services/password.utility.ts 
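Review bot: The second argument in `hash(password, 1)` is bcrypt's cost factor (log2 of the iteration count), not a round count. As far as I know bcryptjs raises any value below 4 to 4, so the resulting hashes would carry a cost of 04 rather than 1. Writing the intended value once, e.g. `const TEST_BCRYPT_COST = 4; // bcrypt minimum, test fixtures only`, and using it in both createUser and createManyUsers removes the duplicated magic number and the mismatch with the commit title. The `passwordHash` fallback on the same lines is still a cost-10 hash, so only explicitly supplied passwords get cheaper.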
@@ -1,18 +1,17 @@ import { BadRequestError } from '@/errors/response-errors/bad-request.error'; import { Service as Utility } from 'typedi'; -import { compare, genSaltSync, hash } from 'bcryptjs'; +import { compare, hash } from 'bcryptjs'; import { MAX_PASSWORD_CHAR_LENGTH as maxLength, MIN_PASSWORD_CHAR_LENGTH as minLength, } from '@/constants'; +const SALT_ROUNDS = 10; + @Utility() export class PasswordUtility { async hash(plaintext: string) { - const SALT_ROUNDS = 10; - const salt = genSaltSync(SALT_ROUNDS); - - return await hash(plaintext, salt); + return await hash(plaintext, SALT_ROUNDS); } async compare(plaintext: string, hashed: string) {
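Review bot: `SALT_ROUNDS` is now a module-level constant with no comment, and its name suggests the salt when it is actually the bcrypt cost factor passed to `hash`. I would document it at the declaration: `// bcrypt cost factor (log2 of the iteration count); each stored hash embeds its own cost, so changing this only affects newly hashed passwords`. Separately, bcrypt only considers the first 72 bytes of its input. It is worth confirming that the length check built on `MAX_PASSWORD_CHAR_LENGTH`, which lies outside this hunk, cannot admit UTF-8 passwords longer than that.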