sebastjan/videofolxtv
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Update user data handling and password storage mechanisms

Browse Source 
Refactor user model and storage implementations to correctly handle password hashing (using `passwordHash` instead of `password`), update field names for profile images to `avatar`, and ensure consistent user data mapping between database and in-memory storage. Includes schema adjustments for `users` table.

Replit-Commit-Author: Agent
Replit-Commit-Session-Id: 68e1a8f7-084c-4a75-801e-34657bd7a71b
Replit-Commit-Checkpoint-Type: full_checkpoint
Replit-Commit-Screenshot-Url: https://storage.googleapis.com/screenshot-production-us-central1/8cc42625-c1f5-4e43-99bd-77f2c4dedee2/68e1a8f7-084c-4a75-801e-34657bd7a71b/IiSxX58
This commit is contained in:
sebastjanartic 2025-09-02 12:10:11 +00:00
parent ced02be9dc
commit d283a0d4a5
2 changed files with 23 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

34
server/storage.ts
View File

@ -142,11 +142,11 @@ export class DatabaseStorage implements IStorage {
async createUser(user: InsertUser): Promise<User> { async createUser(user: InsertUser): Promise<User> {
// Hash password before storing // Hash password before storing
const hashedPassword = await bcrypt.hash(user.password, 12); const hashedPassword = await bcrypt.hash(user.passwordHash, 12);
const result = await db.insert(users).values({ const result = await db.insert(users).values({
...user, ...user,
password: hashedPassword, passwordHash: hashedPassword,
updatedAt: new Date() updatedAt: new Date()
}).returning(); }).returning();
return result[0]; return result[0];
@ -156,8 +156,8 @@ export class DatabaseStorage implements IStorage {
const updateData: any = { ...updates, updatedAt: new Date() }; const updateData: any = { ...updates, updatedAt: new Date() };
// Hash password if it's being updated // Hash password if it's being updated
if (updates.password) { if (updates.passwordHash) {
updateData.password = await bcrypt.hash(updates.password, 12); updateData.passwordHash = await bcrypt.hash(updates.passwordHash, 12);
} }
const result = await db.update(users) const result = await db.update(users)
@ -175,9 +175,9 @@ export class DatabaseStorage implements IStorage {
email: userData.email, email: userData.email,
firstName: userData.firstName, firstName: userData.firstName,
lastName: userData.lastName, lastName: userData.lastName,
profileImageUrl: userData.profileImageUrl, avatar: userData.profileImageUrl,
username: userData.email || `user_${userData.id}`, username: userData.email || `user_${userData.id}`,
password: '', // No password for OAuth users passwordHash: '', // No password for OAuth users
isAdmin: false, isAdmin: false,
isSuperAdmin: false, isSuperAdmin: false,
}) })
@ -187,7 +187,7 @@ export class DatabaseStorage implements IStorage {
email: userData.email, email: userData.email,
firstName: userData.firstName, firstName: userData.firstName,
lastName: userData.lastName, lastName: userData.lastName,
profileImageUrl: userData.profileImageUrl, avatar: userData.profileImageUrl,
updatedAt: new Date(), updatedAt: new Date(),
}, },
}) })
@ -199,7 +199,7 @@ export class DatabaseStorage implements IStorage {
const user = await this.getUserByEmail(email); const user = await this.getUserByEmail(email);
if (!user) return null; if (!user) return null;
const isValid = await bcrypt.compare(password, user.password); const isValid = await bcrypt.compare(password, user.passwordHash);
return isValid ? user : null; return isValid ? user : null;
} }
@ -526,15 +526,16 @@ export class MemStorage implements IStorage {
async createUser(user: InsertUser): Promise<User> { async createUser(user: InsertUser): Promise<User> {
const id = randomUUID(); const id = randomUUID();
const hashedPassword = await bcrypt.hash(user.password, 12); const hashedPassword = await bcrypt.hash(user.passwordHash, 12);
const fullUser: User = { const fullUser: User = {
...user, ...user,
id, id,
password: hashedPassword, passwordHash: hashedPassword,
firstName: user.firstName || null, firstName: user.firstName || null,
lastName: user.lastName || null, lastName: user.lastName || null,
profileImageUrl: user.profileImageUrl || null, avatar: user.avatar || null,
isActive: user.isActive ?? true,
isAdmin: user.isAdmin ?? false, isAdmin: user.isAdmin ?? false,
isSuperAdmin: user.isSuperAdmin ?? false, isSuperAdmin: user.isSuperAdmin ?? false,
createdAt: new Date(), createdAt: new Date(),
@ -549,8 +550,8 @@ export class MemStorage implements IStorage {
if (!user) return undefined; if (!user) return undefined;
const updateData: any = { ...updates, updatedAt: new Date() }; const updateData: any = { ...updates, updatedAt: new Date() };
if (updates.password) { if (updates.passwordHash) {
updateData.password = await bcrypt.hash(updates.password, 12); updateData.passwordHash = await bcrypt.hash(updates.passwordHash, 12);
} }
const updatedUser: User = { const updatedUser: User = {
@ -568,9 +569,10 @@ export class MemStorage implements IStorage {
email: userData.email, email: userData.email,
firstName: userData.firstName, firstName: userData.firstName,
lastName: userData.lastName, lastName: userData.lastName,
profileImageUrl: userData.profileImageUrl, avatar: userData.profileImageUrl,
username: userData.email || `user_${userData.id}`, username: userData.email || `user_${userData.id}`,
password: '', passwordHash: '',
isActive: existingUser?.isActive ?? true,
isAdmin: existingUser?.isAdmin || false, isAdmin: existingUser?.isAdmin || false,
isSuperAdmin: existingUser?.isSuperAdmin || false, isSuperAdmin: existingUser?.isSuperAdmin || false,
createdAt: existingUser?.createdAt || new Date(), createdAt: existingUser?.createdAt || new Date(),
@ -584,7 +586,7 @@ export class MemStorage implements IStorage {
const user = await this.getUserByEmail(email); const user = await this.getUserByEmail(email);
if (!user) return null; if (!user) return null;
const isValid = await bcrypt.compare(password, user.password); const isValid = await bcrypt.compare(password, user.passwordHash);
return isValid ? user : null; return isValid ? user : null;
} }

9
shared/schema.ts
View File

@ -39,14 +39,15 @@ export const videos = pgTable("videos", {
// User table for authentication and video ownership // User table for authentication and video ownership
export const users = pgTable("users", { export const users = pgTable("users", {
id: varchar("id").primaryKey().default(sql`gen_random_uuid()`), id: varchar("id").primaryKey(),
username: varchar("username", { length: 50 }).notNull().unique(), username: varchar("username", { length: 50 }).notNull().unique(),
email: varchar("email", { length: 255 }).notNull().unique(), email: varchar("email", { length: 255 }).notNull().unique(),
password: varchar("password", { length: 255 }).notNull(), passwordHash: varchar("password_hash", { length: 255 }).notNull(),
firstName: varchar("first_name", { length: 100 }), firstName: varchar("first_name", { length: 100 }),
lastName: varchar("last_name", { length: 100 }), lastName: varchar("last_name", { length: 100 }),
profileImageUrl: text("profile_image_url"), avatar: text("avatar"),
isAdmin: boolean("is_admin").default(false).notNull(), isActive: boolean("is_active").default(true).notNull(),
isAdmin: boolean("is_admin").default(false),
isSuperAdmin: boolean("is_super_admin").default(false).notNull(), isSuperAdmin: boolean("is_super_admin").default(false).notNull(),
createdAt: timestamp("created_at").notNull().default(sql`CURRENT_TIMESTAMP`), createdAt: timestamp("created_at").notNull().default(sql`CURRENT_TIMESTAMP`),
updatedAt: timestamp("updated_at").notNull().default(sql`CURRENT_TIMESTAMP`), updatedAt: timestamp("updated_at").notNull().default(sql`CURRENT_TIMESTAMP`),