Change password encryption in GET users/login request with loopback
I have to implement a strongloop API connected to an existing MySQL Database. I'm currently trying to create a model based on User, but I am kinda struggling with the loggin in request.
The problem is: the users in my DB already have a password, but the encryption isn't the same as the one used in loopback. Is there a way to change all password-linked requests in strongloop in order to use my encryption? And a little trickier: is there a way to chose the encryption based on a boolean value in my model (ie. I'm thinking about migrating all the passwords, but I have to make sure my users can still log in with their old and dirty encrypted password)
Thank you,
bjorge
I think you could, but it would be pretty painful to alter the built-ins to that degree. It would probably be better to inject new routes in a boot script, and conditionally use the helper functions on the built-in User model, e.g. User.verify(), User.confirm(), etc.
Something like this roughly:
module.exports = function (app) {
//get User model from the express app
var UserModel = app.models.User;
//get your custom model
var customModel = app.models.someCustomModel;
app.post('/login', function (req, res) {
//parse user credentials from request body
const userCredentials = {
"username": req.body.username,
"password": req.body.password
}
if (customModel.someBoolean == true) {
//do your login stuff
} else {
UserModel.login(userCredentials, 'user', function (err, result) {
//handle response
});
}
});
}