a lot

packages/common/src/crypto.ts

@@ -0,0 +1,51 @@
+import { randomBytes, scrypt, timingSafeEqual } from 'crypto';
+
+export function generateSalt() {
+  return randomBytes(16).toString('hex');
+}
+
+/**
+ * Has a password or a secret with a password hashing algorithm (scrypt)
+ * @param {string} password
+ * @returns {string} The salt+hash
+ */
+export async function hashPassword(
+  password: string,
+  _salt?: string,
+  keyLength = 32
+): Promise<string> {
+  return new Promise((resolve, reject) => {
+    // generate random 16 bytes long salt - recommended by NodeJS Docs
+    const salt = _salt || generateSalt();
+    scrypt(password, salt, keyLength, (err, derivedKey) => {
+      if (err) reject(err);
+      // derivedKey is of type Buffer
+      resolve(`${salt}.${derivedKey.toString('hex')}`);
+    });
+  });
+}
+
+/**
+ * Compare a plain text password with a salt+hash password
+ * @param {string} password The plain text password
+ * @param {string} hash The hash+salt to check against
+ * @returns {boolean}
+ */
+export async function verifyPassword(
+  password: string,
+  hash: string,
+  keyLength = 32
+): Promise<boolean> {
+  return new Promise((resolve, reject) => {
+    const [salt, hashKey] = hash.split('.');
+    // we need to pass buffer values to timingSafeEqual
+    const hashKeyBuff = Buffer.from(hashKey!, 'hex');
+    scrypt(password, salt!, keyLength, (err, derivedKey) => {
+      if (err) {
+        reject(err);
+      }
+      // compare the new supplied password with the hashed password using timeSafeEqual
+      resolve(timingSafeEqual(hashKeyBuff, derivedKey));
+    });
+  });
+}

packages/common/src/date.ts

@@ -0,0 +1,7 @@
+export function getTime(date: string | number) {
+  return new Date(date).getTime();
+}
+
+export function toISOString(date: string | number) {
+  return new Date(date).toISOString();
+}

packages/common/src/object.ts

@@ -0,0 +1,22 @@
+import { anyPass, isEmpty, isNil, reject } from 'ramda';
+
+export function toDots(
+  obj: Record<string, unknown>,
+  path = ''
+): Record<string, number | string | boolean> {
+  return Object.entries(obj).reduce((acc, [key, value]) => {
+    if (typeof value === 'object' && value !== null) {
+      return {
+        ...acc,
+        ...toDots(value as Record<string, unknown>, `${path}${key}.`),
+      };
+    }
+
+    return {
+      ...acc,
+      [`${path}${key}`]: value,
+    };
+  }, {});
+}
+
+export const strip = reject(anyPass([isEmpty, isNil]));

packages/common/src/profileId.ts

@@ -0,0 +1,17 @@
+import { hashPassword } from './crypto';
+
+interface GenerateProfileIdOptions {
+  salt: string;
+  ua: string;
+  ip: string;
+  origin: string;
+}
+
+export async function generateProfileId({
+  salt,
+  ua,
+  ip,
+  origin,
+}: GenerateProfileIdOptions) {
+  return await hashPassword(`${ua}:${ip}:${origin}`, salt, 8);
+}