swaf/src/auth/password/UserPasswordComponent.ts

import argon2 from "argon2";

import ModelComponent from "../../db/ModelComponent.js";
import Validator from "../../db/Validator.js";
import User from "../models/User.js";

export default class UserPasswordComponent extends ModelComponent<User> {
    public static readonly PASSWORD_MIN_LENGTH = 12;

    private password?: string | null = undefined;

    public init(): void {
        this.setValidation('password').acceptUndefined().maxLength(128);
    }

    public async setPassword(rawPassword: string, fieldName: string = 'password'): Promise<void> {
        await new Validator<string>()
            .defined()
            .minLength(UserPasswordComponent.PASSWORD_MIN_LENGTH)
            .maxLength(512)
            .execute(fieldName, rawPassword, true);
        this.password = await argon2.hash(rawPassword, {
            timeCost: 10,
            memoryCost: 65536,
            parallelism: 4,
            type: argon2.argon2id,
            hashLength: 32,
        });
    }

    public async verifyPassword(passwordGuess: string): Promise<boolean> {
        if (!this.password || !passwordGuess) return false;

        return await argon2.verify(this.password, passwordGuess);
    }

    public hasPassword(): boolean {
        return typeof this.password === 'string';
    }

    public removePassword(): void {
        this.password = null;
    }
}