Removed argon 2

Author: robconery

lib/models/user.js

@@ -1,15 +1,14 @@
 const { DataTypes, Model } = require('sequelize');
 const shortid = require("shortid")
-const argon2 = require("argon2");
 const crypto = require("crypto");
 
 const hashPassword = async function(pw){
-  //argon2? Why? Because: https://www.youtube.com/watch?v=qQAhprPM5lw
-  return argon2.hash(pw, {
-    memoryCost: 2 ** 16,
-    hashLength: 50,
-    timeCost: 20,
-    parallelism: 5
+  //use scrypt to hash the password, not argon2
+  return new Promise((resolve, reject) => {
+    crypto.scrypt(pw, "salt", 64, (err, derivedKey) => {
+      if(err) reject(err);
+      resolve(derivedKey.toString('hex'));
+    });
   })
 }
 
@@ -83,9 +82,9 @@ class User extends Model {
   static async authenticate({email, password}){
     let user = await User.findOne({where: {email: email}});
     if(!user) return {success: false, error: "User doesn't exist"};
-    //now, let's see if they gave us the right password
-    const passwordMatch = await argon2.verify(user.hashed_password, password);
-
+    //now, let's see if they gave us the right password using scrypt
+    const hashed = await hashPassword(password);
+    const passwordMatch = hashed === user.hashed_password;
     if(!passwordMatch) {
       return  {success: false, error: "Invalid credentials"};;
     }else{