🚀 Argon2 0.1

In the past before Custom Modules existed I implemented Argon2 for node via a custom formatter.

The only problem with this approach was that formatters are synchronous and Argon2 for node would only run in asynchronous mode.

I worked around this by wrapping the async function in a sync function. Wrong in so many ways and I knew that at the time but there wasn’t any other solution available.

Anyway, I finally found some time to create an asynchronous custom module for Argon2.

You know the drill.

Install the node module.

npm i argon2

Drop these two babies in /extensions/server_connect/modules

And enjoy async argon2 for node.

There is still one caveat. Wappler Security module doesn’t know shit about this module so we need to work around it to use it in a Security Login action.

To login someone you will verify the password entered in the form($_POST.password) against the hash stored in the database for that user using the Argon2 Hash action.

image

If the result is true you will log the user with these parameters:

image

Notice how you are login the user with the password stored in the database(query1.password) instead of $_POST.password. It will always log the user as the passwords will match. Thankfully you added this inside a condition that will only evaluate to true if the password is actually verified first via argon2.

On the other side If the result is false it means the verification failed and you can 401 the hell out of the user.

Disclaimer: I’m not liable of anything. Use this method and files under your own responsability. Audit the code and if you don’t feel comfortable using it DON’T.

Have fun.

Community Page
Last updated: