From 70e0939326dba8d3375908dc64d1322e99352f7c Mon Sep 17 00:00:00 2001
From: Javad Mnjd <javad.mnjd@hotmail.com>
Date: Tue, 12 Mar 2024 17:48:30 +0330
Subject: [PATCH] feat: add skipPasswordHash option

---
 src/methods/password-change.ts                      | 3 ++-
 src/methods/reset-password.ts                       | 3 ++-
 src/methods/verify-signup-set-password.ts           | 8 +++++---
 src/options.ts                                      | 1 +
 src/services/PasswordChangeService.ts               | 1 +
 src/services/ResetPwdLongService.ts                 | 1 +
 src/services/ResetPwdShortService.ts                | 1 +
 src/services/VerifySignupSetPasswordLongService.ts  | 1 +
 src/services/VerifySignupSetPasswordShortService.ts | 1 +
 src/types.ts                                        | 5 +++++
 test/scaffolding.test.ts                            | 1 +
 11 files changed, 21 insertions(+), 5 deletions(-)

diff --git a/src/methods/password-change.ts b/src/methods/password-change.ts
index cd76e94..74e8e81 100644
--- a/src/methods/password-change.ts
+++ b/src/methods/password-change.ts
@@ -40,6 +40,7 @@ export default async function passwordChange (
     app,
     identifyUserProps,
     passwordField,
+    skipPasswordHash,
     sanitizeUserForClient,
     service,
     notifier
@@ -67,7 +68,7 @@ export default async function passwordChange (
   }
 
   const patchedUser = await usersService.patch(user[usersServiceId] as Id, {
-    password: await hashPassword(app, password, passwordField)
+    password: skipPasswordHash ? password : await hashPassword(app, password, passwordField)
   }, Object.assign({}, params)) as User;
 
   const userResult = await notify(notifier, 'passwordChange', patchedUser, notifierOptions);
diff --git a/src/methods/reset-password.ts b/src/methods/reset-password.ts
index 2cc3cf3..a0d7205 100644
--- a/src/methods/reset-password.ts
+++ b/src/methods/reset-password.ts
@@ -85,6 +85,7 @@ async function resetPassword (
     skipIsVerifiedCheck,
     reuseResetToken,
     passwordField,
+    skipPasswordHash,
     sanitizeUserForClient,
     notifier
   } = options;
@@ -160,7 +161,7 @@ async function resetPassword (
   }
 
   const patchedUser = await usersService.patch(user[usersServiceId] as Id, {
-    [passwordField]: await hashPassword(app, password, passwordField),
+    [passwordField]: skipPasswordHash ? password : await hashPassword(app, password, passwordField),
     resetExpires: null,
     resetAttempts: null,
     resetToken: null,
diff --git a/src/methods/verify-signup-set-password.ts b/src/methods/verify-signup-set-password.ts
index 4fe8032..24f6c96 100644
--- a/src/methods/verify-signup-set-password.ts
+++ b/src/methods/verify-signup-set-password.ts
@@ -85,6 +85,7 @@ async function verifySignupSetPassword (
   const {
     app,
     passwordField,
+    skipPasswordHash,
     sanitizeUserForClient,
     service,
     notifier
@@ -117,6 +118,7 @@ async function verifySignupSetPassword (
     isDateAfterNow(user.verifyExpires),
     user.verifyChanges || {},
     password,
+    skipPasswordHash,
     params
   );
 
@@ -149,17 +151,17 @@ async function verifySignupSetPassword (
     isVerified: boolean,
     verifyChanges: VerifyChanges,
     password: string,
+    skipPasswordHash: boolean,
     params?: Params
   ): Promise<User> {
-    const hashedPassword = await hashPassword(app, password, passwordField);
-
+    
     const patchData = Object.assign({}, verifyChanges || {}, {
       isVerified,
       verifyToken: null,
       verifyShortToken: null,
       verifyExpires: null,
       verifyChanges: {},
-      [passwordField]: hashedPassword
+      [passwordField]: skipPasswordHash ? password : await hashPassword(app, password, passwordField)
     });
 
     const result = await usersService.patch(
diff --git a/src/options.ts b/src/options.ts
index 0b1db37..a226904 100644
--- a/src/options.ts
+++ b/src/options.ts
@@ -26,6 +26,7 @@ export const optionsDefault: AuthenticationManagementServiceOptions = {
   sanitizeUserForClient,
   skipIsVerifiedCheck: false,
   passwordField: 'password',
+  skipPasswordHash: false,
   passParams: undefined
 };
 
diff --git a/src/services/PasswordChangeService.ts b/src/services/PasswordChangeService.ts
index b354b8d..bb2e989 100644
--- a/src/services/PasswordChangeService.ts
+++ b/src/services/PasswordChangeService.ts
@@ -21,6 +21,7 @@ export class PasswordChangeService
       'identifyUserProps',
       'sanitizeUserForClient',
       'passwordField',
+      'skipPasswordHash',
       'passParams'
     ]);
     this.options = Object.assign(defaultOptions, options);
diff --git a/src/services/ResetPwdLongService.ts b/src/services/ResetPwdLongService.ts
index d284621..b7f7e03 100644
--- a/src/services/ResetPwdLongService.ts
+++ b/src/services/ResetPwdLongService.ts
@@ -21,6 +21,7 @@ export class ResetPwdLongService
       'reuseResetToken',
       'sanitizeUserForClient',
       'passwordField',
+      'skipPasswordHash',
       'passParams'
     ]);
     this.options = Object.assign(defaultOptions, options);
diff --git a/src/services/ResetPwdShortService.ts b/src/services/ResetPwdShortService.ts
index 96147ee..5735537 100644
--- a/src/services/ResetPwdShortService.ts
+++ b/src/services/ResetPwdShortService.ts
@@ -22,6 +22,7 @@ export class ResetPwdShortService
       'reuseResetToken',
       'sanitizeUserForClient',
       'passwordField',
+      'skipPasswordHash',
       'identifyUserProps',
       'passParams'
     ]);
diff --git a/src/services/VerifySignupSetPasswordLongService.ts b/src/services/VerifySignupSetPasswordLongService.ts
index fa659fd..4805224 100644
--- a/src/services/VerifySignupSetPasswordLongService.ts
+++ b/src/services/VerifySignupSetPasswordLongService.ts
@@ -18,6 +18,7 @@ export class VerifySignupSetPasswordLongService
       'notifier',
       'sanitizeUserForClient',
       'passwordField',
+      'skipPasswordHash',
       'passParams'
     ]);
     this.options = Object.assign(defaultOptions, options);
diff --git a/src/services/VerifySignupSetPasswordShortService.ts b/src/services/VerifySignupSetPasswordShortService.ts
index 81839b2..b6bf441 100644
--- a/src/services/VerifySignupSetPasswordShortService.ts
+++ b/src/services/VerifySignupSetPasswordShortService.ts
@@ -19,6 +19,7 @@ export class VerifySignupSetPasswordShortService
       'notifier',
       'sanitizeUserForClient',
       'passwordField',
+      'skipPasswordHash',
       'identifyUserProps',
       'passParams'
     ]);
diff --git a/src/types.ts b/src/types.ts
index a77fecc..d4f3daf 100644
--- a/src/types.ts
+++ b/src/types.ts
@@ -115,6 +115,8 @@ export interface AuthenticationManagementServiceOptions {
   /** Property name of the password field on your `'/users'` service
    * @default 'password' */
   passwordField: string
+  /** Should we skip hashing password for `passwordField` ? If `true`, password won't be hashed by feathers-authentication-management when patching the user. This must be set to `true` if you are hashing your password field using resolvers. */
+  skipPasswordHash: boolean
   /** Pass params from f-a-m service to `/users` service */
   passParams: (params) => Params | Promise<Params>
 }
@@ -139,6 +141,7 @@ export type VerifySignupSetPasswordLongServiceOptions = Pick<AuthenticationManag
 'sanitizeUserForClient' |
 'notifier' |
 'passwordField' |
+'skipPasswordHash' |
 'passParams'>;
 export type VerifySignupSetPasswordOptions = VerifySignupSetPasswordLongServiceOptions & { app: Application };
 
@@ -148,6 +151,7 @@ export type PasswordChangeServiceOptions = Pick<AuthenticationManagementServiceO
 'notifier' |
 'sanitizeUserForClient' |
 'passwordField' |
+'skipPasswordHash' |
 'passParams'>;
 export type PasswordChangeOptions = PasswordChangeServiceOptions & { app: Application };
 
@@ -162,6 +166,7 @@ export type ResetPasswordServiceOptions = Pick<AuthenticationManagementServiceOp
 'notifier' |
 'sanitizeUserForClient' |
 'passwordField' |
+'skipPasswordHash' |
 'passParams'>;
 export type ResetPasswordOptions = ResetPasswordServiceOptions & { app: Application };
 
diff --git a/test/scaffolding.test.ts b/test/scaffolding.test.ts
index 9864a38..e1d0352 100644
--- a/test/scaffolding.test.ts
+++ b/test/scaffolding.test.ts
@@ -45,6 +45,7 @@ const optionsDefault: AuthenticationManagementServiceOptions = {
   sanitizeUserForClient: sanitizeUserForClient,
   skipIsVerifiedCheck: false,
   passwordField: "password",
+  skipPasswordHash: false,
   passParams: async (params) => {
     let { provider: _, query: __, ...passedParams } = params;
     return passedParams;