feat: check for empty str in isHashMatch

jsjoeio · jsjoeio · commit 1b8481152aff · 2021-06-07T16:00:37.000-07:00
diff --git a/src/node/cli.ts b/src/node/cli.ts
@@ -263,6 +263,7 @@ export const parse = (
     if (opts?.configFile) {
       msg = `error reading ${opts.configFile}: ${msg}`
     }
+
     return new Error(msg)
   }
 
@@ -286,7 +287,14 @@ export const parse = (
         const split = splitOnFirstEquals(arg.replace(/^--/, ""))
         key = split[0] as keyof Args
         value = split[1]
+      } else {
+        const short = arg.replace(/^-/, "")
+        const pair = Object.entries(options).find(([, v]) => v.short === short)
+        if (pair) {
+          key = pair[0] as keyof Args
+        }
       }
+
       if (!key || !options[key]) {
         throw error(`Unknown option ${arg}`)
       }
diff --git a/src/node/util.ts b/src/node/util.ts
@@ -134,6 +134,9 @@ export const hash = async (password: string): Promise<string> => {
  * Used to verify if the password matches the hash
  */
 export const isHashMatch = async (password: string, hash: string) => {
+  if (password === "" || hash === "") {
+    return false
+  }
   try {
     return await argon2.verify(hash, password)
   } catch (error) {
diff --git a/test/unit/node/util.test.ts b/test/unit/node/util.test.ts
@@ -185,6 +185,18 @@ describe("isHashMatch", () => {
     const actual = await isHashMatch(password, _hash)
     expect(actual).toBe(true)
   })
+  it("should return false if the password is empty", async () => {
+    const password = ""
+    const _hash = "$argon2i$v=19$m=4096,t=3,p=1$EAoczTxVki21JDfIZpTUxg$rkXgyrW4RDGoDYrxBFD4H2DlSMEhP4h+Api1hXnGnFY"
+    const actual = await isHashMatch(password, _hash)
+    expect(actual).toBe(false)
+  })
+  it("should return false if the hash is empty", async () => {
+    const password = "hellowpasssword"
+    const _hash = ""
+    const actual = await isHashMatch(password, _hash)
+    expect(actual).toBe(false)
+  })
 })
 
 describe("hashLegacy", () => {
@@ -325,7 +337,7 @@ describe("handlePasswordValidation", () => {
   })
 })
 
-describe.only("isCookieValid", () => {
+describe("isCookieValid", () => {
   it("should be valid if hashed-password for SHA256 matches cookie.key", async () => {
     const isValid = await isCookieValid({
       passwordMethod: "SHA256",
@@ -384,7 +396,7 @@ describe.only("isCookieValid", () => {
   })
 })
 
-describe.only("sanitizeString", () => {
+describe("sanitizeString", () => {
   it("should return an empty string if passed a type other than a string", () => {
     expect(sanitizeString({} as string)).toBe("")
   })

Original file line number	Diff line number	Diff line change
`@@ -263,6 +263,7 @@ export const parse = (`
`263`	`263`	`if (opts?.configFile) {`
`264`	`264`	msg = `error reading ${opts.configFile}: ${msg}`
`265`	`265`	`}`
	`266`	`+`
`266`	`267`	`return new Error(msg)`
`267`	`268`	`}`
`268`	`269`
`@@ -286,7 +287,14 @@ export const parse = (`
`286`	`287`	`const split = splitOnFirstEquals(arg.replace(/^--/, ""))`
`287`	`288`	`key = split[0] as keyof Args`
`288`	`289`	`value = split[1]`
	`290`	`+ } else {`
	`291`	`+ const short = arg.replace(/^-/, "")`
	`292`	`+ const pair = Object.entries(options).find(([, v]) => v.short === short)`
	`293`	`+ if (pair) {`
	`294`	`+ key = pair[0] as keyof Args`
	`295`	`+ }`
`289`	`296`	`}`
	`297`	`+`
`290`	`298`	`if (!key \|\| !options[key]) {`
`291`	`299`	throw error(`Unknown option ${arg}`)
`292`	`300`	`}`