From 989ec84852c3ffe818438487d6770b845e647ebd Mon Sep 17 00:00:00 2001
From: "D. Berge" <dberge@aaltronav.eu>
Date: Thu, 24 Jul 2025 18:36:34 +0200
Subject: [PATCH] Refactor JWT credentials check to use class User

---
 lib/www/server/lib/jwt.js | 15 +++------------
 1 file changed, 3 insertions(+), 12 deletions(-)

diff --git a/lib/www/server/lib/jwt.js b/lib/www/server/lib/jwt.js
index 423cac8..db3343b 100644
--- a/lib/www/server/lib/jwt.js
+++ b/lib/www/server/lib/jwt.js
@@ -1,9 +1,9 @@
-const crypto = require('crypto');
 const JWT = require('jsonwebtoken');
 const cfg = require('./config');
+const ServerUser = require('./db/user/User');
 
 
-function checkValidCredentials ({user, password, jwt}) {
+async function checkValidCredentials ({user, password, jwt}) {
 	if (jwt) {
 		try {
 			const decoded = JWT.verify(jwt,  cfg.jwt.secret, {maxAge: "1d"});
@@ -16,16 +16,7 @@ function checkValidCredentials ({user, password, jwt}) {
 			return; // Invalid JWT
 		}
 	} else if (user && password) {
-		const hash = crypto
-			.pbkdf2Sync(password, 'Dougal'+user, 10712, 48, 'sha512')
-			.toString('base64');
-		for (const credentials of cfg._("global.users.login.user") || []) {
-			if (credentials.name == user && credentials.hash == hash) {
-				const payload = {...credentials};
-				delete payload.hash;
-				return payload;
-			}
-		}
+		return (await ServerUser.authenticateSQL(user, password))?.toJSON();
 	}
 }