lupine/crockery
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Reorganize the store, add a FindAccounts method

Browse Source
This commit is contained in:
Nick Thomas
2018-03-08 00:46:22 +00:00
parent 442ca833ea
commit be7ca459a5
4 changed files with 53 additions and 40 deletions
Download Patch File Download Diff File Expand all files Collapse all files

59
internal/store/account.go
View File

@@ -1,18 +1,16 @@
package store
import (
"fmt"
"golang.org/x/crypto/bcrypt"
)
// HashPassword turns a plaintext password into a crypt()ed string, using bcrypt
func HashPassword(password string) (string, error) {
b, err := bcrypt.GenerateFromPassword([]byte(password), bcrypt.DefaultCost)
return string(b), err
}
func CheckPassword(hashed, plain string) bool {
return bcrypt.CompareHashAndPassword([]byte(hashed), []byte(plain)) == nil
type AccountInterface interface {
CreateAccount(*Account) error
FindAccount(string) (Account, error)
FindAccounts(...string) ([]Account, error)
FindAccountWithPassword(string, string) (Account, error)
}
// Account is stored in the database as domains/<domain>/accounts/<id>/config
@@ -32,3 +30,46 @@ type Account struct {
// As generated by HashPassword
PasswordHash string
}
// HashPassword turns a plaintext password into a crypt()ed string, using bcrypt
func HashPassword(password string) (string, error) {
b, err := bcrypt.GenerateFromPassword([]byte(password), bcrypt.DefaultCost)
return string(b), err
}
func CheckPassword(hashed, plain string) bool {
return bcrypt.CompareHashAndPassword([]byte(hashed), []byte(plain)) == nil
}
func (c *concrete) CreateAccount(account *Account) error {
return c.storm.Save(account)
}
func (c *concrete) FindAccount(username string) (Account, error) {
var account Account
return account, c.storm.One("Username", username, &account)
}
func (c *concrete) FindAccounts(usernames ...string) ([]Account, error) {
var accounts []Account
return accounts, c.storm.Find("Username", usernames, &accounts)
}
func (c *concrete) FindAccountWithPassword(username, password string) (Account, error) {
account, err := c.FindAccount(username)
if err != nil {
// Always do a bcrypt check to avoid timing attacks
_ = CheckPassword("", "")
return Account{}, err
}
if !CheckPassword(account.PasswordHash, password) {
return Account{}, fmt.Errorf("bad password")
}
return account, nil
}