foxerBN/crm-server
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add debug logging for markContactEmailsAsRead and remove password change restriction

Browse Source
This commit is contained in:
richardtekula
2025-11-20 08:00:14 +01:00
parent 51714c8edd
commit 178b18baa5
20 changed files with 152 additions and 394 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
src/utils/password.js
View File

@@ -67,8 +67,12 @@ export const generateVerificationToken = () => {
* @returns {string} Encrypted password in format: iv:authTag:encrypted
*/
export const encryptPassword = (text) => {
if (!process.env.JWT_SECRET) {
throw new Error('JWT_SECRET environment variable is required for password encryption');
}
const algorithm = 'aes-256-gcm';
const key = crypto.scryptSync(process.env.JWT_SECRET || 'default-secret', 'salt', 32);
const key = crypto.scryptSync(process.env.JWT_SECRET, 'salt', 32);
const iv = crypto.randomBytes(16);
const cipher = crypto.createCipheriv(algorithm, key, iv);
@@ -86,8 +90,12 @@ export const encryptPassword = (text) => {
* @returns {string} Plain text password
*/
export const decryptPassword = (encryptedText) => {
if (!process.env.JWT_SECRET) {
throw new Error('JWT_SECRET environment variable is required for password decryption');
}
const algorithm = 'aes-256-gcm';
const key = crypto.scryptSync(process.env.JWT_SECRET || 'default-secret', 'salt', 32);
const key = crypto.scryptSync(process.env.JWT_SECRET, 'salt', 32);
const parts = encryptedText.split(':');
const iv = Buffer.from(parts[0], 'hex');