add tests for password utilities

test/api/v3/unit/libs/password.test.js

@@ -0,0 +1,41 @@
+import {
+  encrypt as encryptPassword,
+  makeSalt,
+} from '../../../../../website/src/libs/api-v3/password';
+
+describe('Password Utilities', () => {
+  describe('Encrypt', () => {
+    it('always encrypt the same password to the same value when using the same salt', () => {
+      let textPassword = 'mySecretPassword';
+      let salt = makeSalt();
+      let encryptedPassword = encryptPassword(textPassword, salt);
+
+      expect(encryptPassword(textPassword, salt)).to.eql(encryptedPassword);
+    });
+
+    it('never encrypt the same password to the same value when using a different salt', () => {
+      let textPassword = 'mySecretPassword';
+      let aSalt = makeSalt();
+      let anotherSalt = makeSalt();
+      let anEncryptedPassword = encryptPassword(textPassword, aSalt);
+      let anotherEncryptedPassword = encryptPassword(textPassword, anotherSalt);
+
+      expect(anEncryptedPassword).not.to.eql(anotherEncryptedPassword);
+    });
+  });
+
+  describe('Make Salt', () => {
+    it('creates a salt with length 10 by default', () => {
+      let salt = makeSalt();
+
+      expect(salt.length).to.eql(10);
+    });
+
+    it('can create a salt of any length', () => {
+      let length = 24;
+      let salt = makeSalt(length);
+
+      expect(salt.length).to.eql(length);
+    });
+  });
+});

website/src/libs/api-v3/password.js

@@ -1,5 +1,7 @@
+// Utilities for working with passwords
 import crypto from 'crypto';
 
+// Return the encrypted version of a password (using sha1) given a salt
 export function encrypt (password, salt) {
   return crypto
           .createHmac('sha1', salt)
@@ -7,6 +9,7 @@ export function encrypt (password, salt) {
           .digest('hex');
 }
 
+// Create a salt, default length is 10
 export function makeSalt (len = 10) {
   return crypto
           .randomBytes(Math.ceil(len / 2))