cay/Praxissofttware
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
bc7dfc0210
Praxissofttware/services/auth.service.js

51 lines
1.4 KiB
JavaScript
Raw Blame History

const bcrypt = require("bcrypt");
async function loginUser(db, username, password, lockTimeMinutes) {
return new Promise((resolve, reject) => {
db.query(
"SELECT * FROM users WHERE username = ?",
[username],
async (err, results) => {
if (err || results.length === 0) {
return reject("Login fehlgeschlagen");
}
const user = results[0];
const now = new Date();
if (user.active === 0) {
return reject("Account deaktiviert");
}
if (user.lock_until && new Date(user.lock_until) > now) {
return reject(`Account gesperrt bis ${user.lock_until}`);
}
const match = await bcrypt.compare(password, user.password);
if (!match) {
let sql = "failed_attempts = failed_attempts + 1";
if (user.failed_attempts + 1 >= 3) {
sql += `, lock_until = DATE_ADD(NOW(), INTERVAL ${lockTimeMinutes} MINUTE)`;
}
db.query(`UPDATE users SET ${sql} WHERE id = ?`, [user.id]);
return reject("Falsches Passwort");
}
db.query(
"UPDATE users SET failed_attempts = 0, lock_until = NULL WHERE id = ?",
[user.id]
);
resolve({
id: user.id,
username: user.username,
role: user.role
});
}
);
});
}
module.exports = { loginUser };
Reference in New Issue View Git Blame Copy Permalink