From b235f3b15c787b5cc687e3155dee1c608c420067 Mon Sep 17 00:00:00 2001
From: Julian Lam <julian@nodebb.org>
Date: Tue, 3 Nov 2020 11:34:15 -0500
Subject: [PATCH] feat: add additional test for passwords > 73 chars

---
 test/password.js | 16 ++++++++++++++--
 1 file changed, 14 insertions(+), 2 deletions(-)

diff --git a/test/password.js b/test/password.js
index 7e6d8225f2..cc02be3bc2 100644
--- a/test/password.js
+++ b/test/password.js
@@ -13,7 +13,9 @@ describe('Password', () => {
 		});
 	});
 
-	describe('.compare()', () => {
+	describe('.compare()', async () => {
+		const salt = await bcrypt.genSalt(12);
+
 		it('should correctly compare a password and a hash', async () => {
 			const hash = await password.hash(12, 'test');
 			const match = await password.compare('test', hash, true);
@@ -21,9 +23,19 @@ describe('Password', () => {
 		});
 
 		it('should correctly handle comparison with no sha wrapping of the input (backwards compatibility)', async () => {
-			const hash = await bcrypt.hash('test', await bcrypt.genSalt(12));
+			const hash = await bcrypt.hash('test', salt);
 			const match = await password.compare('test', hash, false);
 			assert(match);
 		});
+
+		it('should continue to function even with passwords > 73 characters', async () => {
+			const arr = [];
+			arr.length = 100;
+			const hash = await password.hash(12, arr.join('a'));
+
+			arr.length = 150;
+			const match = await password.compare(arr.join('a'), hash, true);
+			assert.strictEqual(match, false);
+		});
 	});
 });