diff --git a/keyserver/src/session/cookie-hash.js b/keyserver/src/session/cookie-hash.js
--- a/keyserver/src/session/cookie-hash.js
+++ b/keyserver/src/session/cookie-hash.js
@@ -3,16 +3,20 @@
 import crypto from 'crypto';
 import bcrypt from 'twin-bcrypt';
+function isBcryptHash(cookieHash: string): boolean {
+ return cookieHash.startsWith('$2y$');
+}
+
 function getCookieHash(cookiePassword: string): string {
 return crypto.createHash('sha256').update(cookiePassword).digest('hex');
 }
 function verifyCookieHash(cookiePassword: string, cookieHash: string): boolean {
- if (cookieHash.startsWith('$2y$')) {
+ if (isBcryptHash(cookieHash)) {
 return bcrypt.compareSync(cookiePassword, cookieHash);
 }
 const expectedCookieHash = getCookieHash(cookiePassword);
 return cookieHash === expectedCookieHash;
 }
-export { getCookieHash, verifyCookieHash };
+export { isBcryptHash, getCookieHash, verifyCookieHash };
diff --git a/keyserver/src/session/cookies.js b/keyserver/src/session/cookies.js
--- a/keyserver/src/session/cookies.js
+++ b/keyserver/src/session/cookies.js
@@ -25,7 +25,11 @@
 import { values } from 'lib/utils/objects.js';
 import { promiseAll } from 'lib/utils/promises.js';
-import { getCookieHash, verifyCookieHash } from './cookie-hash.js';
+import {
+ isBcryptHash,
+ getCookieHash,
+ verifyCookieHash,
+} from './cookie-hash.js';
 import { Viewer } from './viewer.js';
 import type { AnonymousViewerData, UserViewerData } from './viewer.js';
 import createIDs from '../creators/id-creator.js';
@@ -733,9 +737,15 @@
 async function updateCookie(viewer: Viewer) {
 const time = Date.now();
- const { cookieID } = viewer;
+ const { cookieID, cookieHash, cookiePassword } = viewer;
+
+ const updateObj = {};
+ updateObj.last_used = time;
+ if (isBcryptHash(cookieHash)) {
+ updateObj.hash = getCookieHash(cookiePassword);
+ }
 const query = SQL`
- UPDATE cookies SET last_used = ${time} WHERE id = ${cookieID}
+ UPDATE cookies SET ${updateObj} WHERE id = ${cookieID}
 `;
 await dbQuery(query);
 }
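Review bot: `isBcryptHash` in cookie-hash.js is now exported and decides in cookies.js whether a stored hash gets rewritten, yet it has no doc comment and recognises only the `$2y$` prefix. If any stored row carried a different bcrypt prefix (not visible in this diff), it would fall through to the SHA-256 comparison in `verifyCookieHash` and never match. A comment such as `// Legacy rows hold a bcrypt hash ($2y$ prefix); all others hold a hex SHA-256 digest.` would state the assumption the helper relies on. Separately, the unchanged `cookieHash === expectedCookieHash` line compares digests with a non-constant-time operator; `crypto.timingSafeEqual` on equal-length buffers is the usual hardening, though that is outside what this commit changes.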
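Review bot: The new `if (isBcryptHash(cookieHash))` branch in `updateCookie` overwrites the stored bcrypt hash from `viewer.cookiePassword` without checking, inside this function, that the password was verified against that hash or that either field is set. If `Viewer` allows `cookieHash` or `cookiePassword` to be null (its definition is not in this diff), `startsWith` or the `update()` call inside `getCookieHash` would throw and `last_used` would stop being refreshed on that path. A guard like `if (cookieHash && cookiePassword && isBcryptHash(cookieHash)) {` keeps the previous behaviour there. A comment should also record that the viewer is only built after `verifyCookieHash` succeeded, and that replacing bcrypt with an unsalted SHA-256 digest is acceptable only because the cookie password is a high-entropy random value, if that is indeed the case.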