From d66aef7812c2e45b8056ed2179cfbddc1538458d Mon Sep 17 00:00:00 2001
From: Baris Usakli <barisusakli@gmail.com>
Date: Wed, 10 Jul 2013 11:51:15 -0400
Subject: [PATCH] moved bcrpyt rounds to config file

---
 app.js      | 94 ++++++++++++++++++++++++++++-------------------------
 src/user.js |  7 ++--
 2 files changed, 51 insertions(+), 50 deletions(-)

diff --git a/app.js b/app.js
index b58a6d77df..d74b7cf513 100644
--- a/app.js
+++ b/app.js
@@ -114,56 +114,60 @@ fs.readFile(path.join(__dirname, 'config.json'), function(err, data) {
 						ask('... the host port of your Redis instance? (6379)', function(redis_port) {
 							ask('... the password of your Redis database? (no password)', function(redis_password) {
 								ask('... your NodeBB secret? (keyboard mash for a bit here)', function(secret) {
-									if (!base_url) base_url = 'http://localhost';
-									if (!port) port = 4567;
-									if (!use_port) use_port = true; else use_port = (use_port === 'y' ? true : false);
-									if (!redis_host) redis_host = '127.0.0.1';
-									if (!redis_port) redis_port = 6379;
-									if (!secret) secret = utils.generateUUID();
-
-									var	fs = require('fs'),
-										path = require('path'),
-										config = {
-											secret: secret,
-											base_url: base_url,
-											port: port,
-											use_port: use_port,
-											upload_path: '/public/uploads/',
-											redis: {
-												host: redis_host,
-												port: redis_port,
-												password: redis_password
+									ask('... the number of rounds to use for bcrypt.genSalt? (10)', function(bcrypt_rounds) {
+										if (!base_url) base_url = 'http://localhost';
+										if (!port) port = 4567;
+										if (!use_port) use_port = true; else use_port = (use_port === 'y' ? true : false);
+										if (!redis_host) redis_host = '127.0.0.1';
+										if (!redis_port) redis_port = 6379;
+										if (!secret) secret = utils.generateUUID();
+										if (!bcrypt_rounds) bcrypt_rounds = 10;
+
+										var	fs = require('fs'),
+											path = require('path'),
+											config = {
+												secret: secret,
+												base_url: base_url,
+												port: port,
+												use_port: use_port,
+												upload_path: '/public/uploads/',
+												bcrypt_rounds: bcrypt_rounds,
+												redis: {
+													host: redis_host,
+													port: redis_port,
+													password: redis_password
+												}
 											}
-										}
-
-									// Server-side config
-									fs.writeFile(path.join(__dirname, 'config.json'), JSON.stringify(config, null, 4), function(err) {
-										if (err) throw err;
-										else {
-											process.stdout.write(
-												"\n\nConfiguration Saved OK\n\n"
-											);
-											if (!args.setup) {
+
+										// Server-side config
+										fs.writeFile(path.join(__dirname, 'config.json'), JSON.stringify(config, null, 4), function(err) {
+											if (err) throw err;
+											else {
+												process.stdout.write(
+													"\n\nConfiguration Saved OK\n\n"
+												);
+												if (!args.setup) {
+													process.stdout.write(
+														"Please start NodeBB again and register a new user at " +
+														base_url + (use_port ? ':' + port : '') + "/register. This user will automatically become an administrator.\n\n"
+													);
+												}
 												process.stdout.write(
-													"Please start NodeBB again and register a new user at " +
-													base_url + (use_port ? ':' + port : '') + "/register. This user will automatically become an administrator.\n\n"
+													"If at any time you'd like to run this setup again, run the app with the \"--setup\" flag\n\n"
 												);
+												process.exit();
 											}
-											process.stdout.write(
-												"If at any time you'd like to run this setup again, run the app with the \"--setup\" flag\n\n"
-											);
-											process.exit();
-										}
+										});
+
+										// Client-side config
+										fs.writeFile(path.join(__dirname, 'public', 'config.json'), JSON.stringify({
+											socket: {
+												address: base_url,
+												port: port
+											},
+											api_url: base_url + (use_port ? ':' + port : '') + '/api/'
+										}, null, 4));
 									});
-
-									// Client-side config
-									fs.writeFile(path.join(__dirname, 'public', 'config.json'), JSON.stringify({
-										socket: {
-											address: base_url,
-											port: port
-										},
-										api_url: base_url + (use_port ? ':' + port : '') + '/api/'
-									}, null, 4))
 								});
 							});
 						});
diff --git a/src/user.js b/src/user.js
index 51ae5ccdca..0c2ab2f73c 100644
--- a/src/user.js
+++ b/src/user.js
@@ -357,10 +357,7 @@ var utils = require('./../public/src/utils.js'),
 			return;
 		}
 
-		// round count should be variable somewhere instead of hardcoded here
-		// if an admin has the resources to up the round count, then making it easy for them to do so
-		// can't hurt
-		bcrypt.genSalt(10, function(err, salt) {
+		bcrypt.genSalt(config.bcrypt_rounds, function(err, salt) {
 			bcrypt.hash(password, salt, function(err, hash) {
 				callback(hash);
 			});
@@ -391,7 +388,7 @@ var utils = require('./../public/src/utils.js'),
 	}
 
 	User.onNewPostMade = function(uid, tid, pid, timestamp) {
-		User.addPostIdToUser(uid, pid)
+		User.addPostIdToUser(uid, pid);
 
 		User.incrementUserFieldBy(uid, 'postcount', 1);
 		User.setUserField(uid, 'lastposttime', timestamp);