mrpastewart/platform
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

1.0.0

Browse source
This commit is contained in:
thosakwe 2017-03-02 17:37:19 -05:00
parent cad1be1b78
commit cb5c61dc14
3 changed files with 18 additions and 27 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
README.md
View file

@ -1,5 +1,5 @@
# security # security
[![version 1.0.0-alpha+1](https://img.shields.io/badge/pub-v1.0.0--alpha+1-red.svg)](https://pub.dartlang.org/packages/angel_security) [![version 1.0.0](https://img.shields.io/badge/pub-v1.0.0-brightgreen.svg)](https://pub.dartlang.org/packages/angel_security)
[![build status](https://travis-ci.org/angel-dart/security.svg)](https://travis-ci.org/angel-dart/security) [![build status](https://travis-ci.org/angel-dart/security.svg)](https://travis-ci.org/angel-dart/security)
Angel middleware designed to enhance application security by patching common Web security Angel middleware designed to enhance application security by patching common Web security

35
lib/src/hooks/hash_password.dart
View file

@ -25,7 +25,9 @@ HookedServiceEventListener hashPassword(
else if (passwordField == 'password') else if (passwordField == 'password')
return user?.password; return user?.password;
else else
return reflect(user).getField(new Symbol(passwordField ?? 'password')).reflectee; return reflect(user)
.getField(new Symbol(passwordField ?? 'password'))
.reflectee;
} }
_setPassword(password, user) { _setPassword(password, user) {
@ -41,35 +43,24 @@ HookedServiceEventListener hashPassword(
} }
if (e.data != null) { if (e.data != null) {
var password;
if (e.data is Iterable) {
for (var data in e.data) {
var p = await _getPassword(data);
if (p != null) {
password = p;
break;
}
}
} else
password = await _getPassword(e.data);
if (password != null) {
applyHash(user) async { applyHash(user) async {
var password = (await _getPassword(user))?.toString(); var password = (await _getPassword(user))?.toString();
if (password != null) {
var digest = h.convert(password.codeUnits); var digest = h.convert(password.codeUnits);
return _setPassword(new String.fromCharCodes(digest.bytes), user); return _setPassword(new String.fromCharCodes(digest.bytes), user);
} }
}
if (e.data is Iterable) { if (e.data is Iterable) {
var data = await Future.wait(e.data.map(applyHash)); var futures = await Future.wait(e.data.map((data) async {
e.data = e.data is List ? data.toList() : data; await applyHash(data);
} else return data;
e.data = await applyHash(e.data); }));
// TODO (thosakwe): Add salting capability e.data = futures.toList();
} } else
await applyHash(e.data);
} }
}; };
} }

2
pubspec.yaml
View file

@ -1,5 +1,5 @@
name: angel_security name: angel_security
version: 1.0.0-alpha+1 version: 1.0.0
description: Angel middleware designed to enhance application security by patching common Web security holes. description: Angel middleware designed to enhance application security by patching common Web security holes.
author: Tobe O <thosakwe@gmail.com> author: Tobe O <thosakwe@gmail.com>
environment: environment: