Beispiel #1
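// changePass handles the change-password form. Any method other than POST
// just renders the form. On POST it checks that the new password matches its
// confirmation, authenticates the user with the current password, and stores
// a freshly generated salt and hash for the new password.
func changePass(w http.ResponseWriter, r *http.Request) {
	page := NewPage()
	page.File = "templates/change.html"
	if r.Method != "POST" {
		servePage(page, w, r)
		return
	}
	if err := r.ParseForm(); err != nil {
		serveErr(page, err, w, r)
		return
	}

	// Read credentials from the request body only. r.Form also merges URL
	// query parameters, so a password passed in the query string would be
	// accepted and could be recorded in access logs, proxies and browser
	// history.
	user := r.PostForm.Get("user")
	pass := r.PostForm.Get("pass")
	newPass := r.PostForm.Get("newpass")
	confirm := r.PostForm.Get("confirm")

	if newPass != confirm {
		serveErr(page, fmt.Errorf("New passwords do not match."), w, r)
		return
	}

	// The current password is always required before the stored hash is
	// replaced.
	// NOTE(review): when check_auth is false this branch rejects every
	// request, so password changes are refused outright (fail closed) --
	// confirm that is the intended meaning of the flag.
	// NOTE(review): no attempt limiting is visible in this handler; confirm
	// that repeated failed guesses are throttled elsewhere.
	if !check_auth || !auth.Authenticate(user, pass) {
		page.Msg = "Authentication failed."
		page.ShowErr = true
		servePage(page, w, r)
		return
	}

	// An empty salt or hash is treated as a rejected password.
	salt, hash := auth.HashPass(newPass)
	if len(salt) == 0 || len(hash) == 0 {
		page.Msg = "Invalid password."
		page.ShowErr = true
		servePage(page, w, r)
		return
	}
	// NOTE(review): the storage error is handed to serveErr as-is; confirm
	// that serveErr does not render backend details to the client.
	if err := dbChangePass(user, salt, hash); err != nil {
		serveErr(page, err, w, r)
		return
	}
	page.ShowMsg = true
	page.Msg = "Password changed."
	servePage(page, w, r)
}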
Beispiel #2
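// addUser handles the add-user form. It refuses to operate when no
// administrative user is configured, renders the form for any method other
// than POST, and on POST creates the requested account once the submitter
// has authenticated as the administrative user.
func addUser(w http.ResponseWriter, r *http.Request) {
	page := NewPage()
	page.File = "templates/add.html"
	if admin_user == "" {
		serveErr(page, fmt.Errorf("No administrative user specified."), w, r)
		return
	}
	if r.Method != "POST" {
		servePage(page, w, r)
		return
	}
	if err := r.ParseForm(); err != nil {
		serveErr(page, err, w, r)
		return
	}

	// Read credentials from the request body only. r.Form also merges URL
	// query parameters, so a password passed in the query string would be
	// accepted and could be recorded in access logs, proxies and browser
	// history.
	user := r.PostForm.Get("user")
	pass := r.PostForm.Get("pass")

	// Only the administrative user, authenticated with its password, may add
	// accounts. The earlier condition joined the two checks with &&, which
	// skipped the password check whenever the submitted name equalled
	// admin_user and also let any other authenticated account through.
	// NOTE(review): this requires the admin account to exist in the
	// credential store; confirm how that account is provisioned.
	if user != admin_user || !auth.Authenticate(user, pass) {
		serveErr(page, fmt.Errorf("Authentication failed."), w, r)
		return
	}

	// NOTE(review): newUser is not validated here; presumably addUserToDb
	// rejects empty or duplicate names -- confirm.
	newUser := r.PostForm.Get("newuser")
	newPass := r.PostForm.Get("newpass")

	// An empty salt or hash is treated as a rejected password.
	salt, hash := auth.HashPass(newPass)
	if len(salt) == 0 || len(hash) == 0 {
		page.Msg = "Invalid password."
		page.ShowErr = true
		servePage(page, w, r)
		return
	}
	if err := addUserToDb(newUser, salt, hash); err != nil {
		serveErr(page, err, w, r)
		return
	}
	page.Msg = "User added."
	page.ShowMsg = true
	servePage(page, w, r)
}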
Beispiel #3
// initSecurity applies the security section of the configuration to the
// package-level Security settings. Keys are matched case-insensitively. A nil
// map leaves Security untouched. TLS is switched on only when both a
// certificate file and a key file are given, and authentication is switched
// on only when hashing the configured password produced a salt and a hash.
func initSecurity(cfgSec map[string]string) {
	if cfgSec == nil {
		return
	}

	for name, value := range cfgSec {
		switch strings.ToLower(name) {
		case "username":
			Security.User.Name = value
		case "password":
			// The configured password arrives in plaintext; only the salt and
			// hash returned by auth.HashPass are kept on Security.
			Security.User.Salt, Security.User.Hash = auth.HashPass(value)
		case "lockview":
			// NOTE(review): the value is ignored, so the mere presence of the
			// key (even "lockview = false") turns AuthView on -- confirm.
			Security.AuthView = true
		case "certfile":
			Security.TLS.Cert = value
		case "keyfile":
			Security.TLS.Key = value
		}
	}

	// NOTE(review): when only one of certfile/keyfile is set, TLS stays off
	// without any diagnostic; consider reporting the incomplete pair.
	if Security.TLS.Cert != "" && Security.TLS.Key != "" {
		Security.TLS.Enabled = true
	}

	// NOTE(review): a missing salt or hash leaves Security.Enabled unset with
	// no error, so a configured but unusable password results in a service
	// that starts without authentication -- confirm that a startup failure is
	// not preferable here.
	if len(Security.User.Hash) == 0 || len(Security.User.Salt) == 0 {
		return
	}

	Security.Enabled = true
	// The second argument is the TLS state; presumably it decides whether the
	// session cookie is restricted to HTTPS -- verify in auth.CreateSessionStore.
	Security.SessionStore = auth.CreateSessionStore("gowik_as", Security.TLS.Enabled, nil)
	auth.LookupCredentials = authenticate
}