Hi, i was testing my database action script earlier today (midday uk time) and getting “Failed Login (wrong password)” errors as my database action script is clearly wrong.
i’ve returned this evening to take another look but i can’t seem to get any authentication errors to log in monitoring → logging area (i’ve always recieved 401 unauthorized on the dashboard on every attempt). Is there a temporary issue with logging for some reason? It’s tricky to fix my script with no way of seeing what is happening My script is below if anyone can point out a simple problem. I’m connecting to an azure database. Thanks.
function login(userNameEmail, password, callback) {
//this example uses the "tedious" library
//more info here: http://pekim.github.io/tedious/index.html
var Connection = require('tedious@1.11.0').Connection;
var Request = require('tedious@1.11.0').Request;
var TYPES = require('tedious@1.11.0').TYPES;
var connection = new Connection({
userName: 'theusername',
password: 'thepassword',
server: 'serveraddress',
options: {
database: 'databasename',
encrypt: true,
rowCollectionOnRequestCompletion: true
}
});
const crypto = require('crypto');
function hashPassword(password, salt) {
// the default implementation uses HMACSHA256 and since Key length is 64
// and default salt is 16 bytes, Membership will fill the buffer repeating the salt
const hmac = crypto.createHmac('sha256', Buffer.from(salt));
hmac.update(Buffer.from(password, 'ucs2'));
return hmac.digest('base64');
}
const hash = hashPassword(password, "thesalt");
var query = "SELECT *" +
"FROM Punter P WITH (NOLOCK)" +
"WHERE (username = @userNameEmail OR emailAddress = @userNameEmail ) AND " +
"passwordHash = @passwordHash "
connection.on('debug', function (text) {
// Uncomment next line in order to enable debugging messages
console.log(text);
}).on('errorMessage', function (text) {
console.log(JSON.stringify(text, null, 2));
return callback(text);
}).on('infoMessage', function (text) {
// Uncomment next line in order to enable information messages
console.log(JSON.stringify(text, null, 2));
});
connection.on('connect', function (err) {
if (err) { return callback(err); }
var request = new Request(query, function (err, rowCount, rows) {
if (err) {
callback(new Error(err));
} else if (rowCount < 1) {
callback(new WrongUsernameOrPasswordError(userNameEmail));
} else {
bcrypt.compare(password, rows[0][2].value, function (err, isValid) {
if (err) { callback(new Error(err)); }
else if (!isValid) { callback(new WrongUsernameOrPasswordError(userNameEmail)); }
else {
callback(null, {
user_id: rows[0][0].value,
email: rows[0][1].value
});
}
});
}
});
request.addParameter('userNameEmail', TYPES.VarChar, userNameEmail);
request.addParameter('passwordHash', TYPES.VarChar, hash);
connection.execSql(request);
});
}