Rocket.Chat/ee/apps/account-service/src/lib/loginViaUsername.ts at 05c415b94cb91907de39a39c6d277579258f334e · RocketChat/Rocket.Chat · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
import type { ILoginResult } from '@rocket.chat/core-services';
import type { IUser } from '@rocket.chat/core-typings';
import { Users } from '@rocket.chat/models';

import { saveSession } from './saveSession';
import { _generateStampedLoginToken, _hashStampedToken, _tokenExpiration, validatePassword } from './utils';

export async function loginViaUsername(
	{ username }: { username: string },
	password: string,
	loginExpiration: number,
): Promise<false | ILoginResult> {
	const user = await Users.findOne<IUser>({ username }, { projection: { 'services.password.bcrypt': 1 } });
	if (!user) {
		return false;
	}

	const valid = user.services?.password?.bcrypt && validatePassword(password, user.services.password.bcrypt);
	if (!valid) {
		return false;
	}

	const newToken = _generateStampedLoginToken();

	const hashedToken = _hashStampedToken(newToken);

	await saveSession(user._id, hashedToken);

	return {
		uid: user._id,
		token: newToken.token,
		hashedToken: hashedToken.hashedToken,
		tokenExpires: _tokenExpiration(newToken.when, loginExpiration),
		type: 'password',
	};
}