console.log('Loading function');// dependenciesvar AWS = require('aws-sdk');

1. console.log('Loading function');
2.  
3. // dependencies
4. var AWS = require('aws-sdk');
5. var crypto = require('crypto');
6. var util = require('util');
7. var config = require('./config.json');
8.  
9. // Get reference to AWS clients
10. var dynamodb = new AWS.DynamoDB();
11. var ses = new AWS.SES();
12.  
13. function computeHash(password, salt, fn) {
14. // Bytesize
15. var len = 128;
16. var iterations = 4096;
17.  
18. if (3 == arguments.length) {
19. crypto.pbkdf2(password, salt, iterations, len, fn);
20. } else {
21. fn = salt;
22. crypto.randomBytes(len, function(err, salt) {
23. if (err) return fn(err);
24. salt = salt.toString('base64');
25. crypto.pbkdf2(password, salt, iterations, len, function(err, derivedKey) {
26. if (err) return fn(err);
27. fn(null, salt, derivedKey.toString('base64'));
28. });
29. });
30. }
31. }
32.  
33. function storeUser(email, password, salt, fn) {
34. // Bytesize
35. var len = 128;
36. crypto.randomBytes(len, function(err, token) {
37. if (err) return fn(err);
38. token = token.toString('hex');
39. dynamodb.putItem({
40. TableName: config.DDB_TABLE,
41. Item: {
42. email: {
43. S: email
44. },
45. passwordHash: {
46. S: password
47. },
48. passwordSalt: {
49. S: salt
50. },
51. verified: {
52. BOOL: false
53. },
54. verifyToken: {
55. S: token
56. }
57. },
58. ConditionExpression: 'attribute_not_exists (email)'
59. }, function(err, data) {
60. if (err) return fn(err);
61. else fn(null, token);
62. });
63. });
64. }
65.  
66. function sendVerificationEmail(email, token, fn) {
67. var subject = 'Verification Email for ' + config.EXTERNAL_NAME;
68. var verificationLink = config.VERIFICATION_PAGE + '?email=' + encodeURIComponent(email) + '&verify=' + token;
69. ses.sendEmail({
70. Source: config.EMAIL_SOURCE,
71. Destination: {
72. ToAddresses: [
73. email
74. ]
75. },
76. Message: {
77. Subject: {
78. Data: subject
79. },
80. Body: {
81. Html: {
82. Data: '<html><head>'
83. + '<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />'
84. + '<title>' + subject + '</title>'
85. + '</head><body>'
86. + 'Please <a href="' + verificationLink + '">click here to verify your email address</a> or copy & paste the following link in a browser:'
87. + '<br><br>'
88. + '<a href="' + verificationLink + '">' + verificationLink + '</a>'
89. + '</body></html>'
90. }
91. }
92. }
93. }, fn);
94. }
95.  
96. exports.handler = function(event, context) {
97. var email = event.email;
98. var clearPassword = event.password;
99.  
100. computeHash(clearPassword, function(err, salt, hash) {
101. if (err) {
102. context.fail('Error in hash: ' + err);
103. } else {
104. storeUser(email, hash, salt, function(err, token) {
105. if (err) {
106. if (err.code == 'ConditionalCheckFailedException') {
107. // userId already found
108. context.succeed({
109. created: false
110. });
111. } else {
112. context.fail('Error in storeUser: ' + err);
113. }
114. } else {
115. sendVerificationEmail(email, token, function(err, data) {
116. if (err) {
117. context.fail('Error in sendVerificationEmail: ' + err);
118. } else {
119. context.succeed({
120. created: true
121. });
122. }
123. });
124. }
125. });
126. }
127. });
128. }