Beispiel #1
// LoginUser authenticates email with pwhash and, on success, stores a new
// session entry and returns its key.
//
// It loads the record stored under email in Users, decodes it as a JSON User,
// and checks pwhash against the record's Salt and Hash with
// util.CheckHashedPw. On a match it stores a Login holding the new key and an
// expiry of now + GetTimeout() in SessionKeys under the email. Every failure
// returns an empty key and a non-nil error.
//
// NOTE(review): the unknown-email and wrong-password paths return different
// messages. If these errors are passed through to the client, they reveal
// which emails are registered; confirm the caller maps both to one response.
func LoginUser(d db.DB, email, pwhash string) (util.Key, error) {
	raw, err := db.GetByKey(d, Users, []byte(email))
	switch {
	case err != nil:
		return "", err
	case len(raw) == 0:
		// An empty value is treated as "no such user".
		return "", fmt.Errorf("no user for email %q", email)
	}

	var account User
	if err := json.Unmarshal(raw, &account); err != nil {
		return "", err
	}

	if !util.CheckHashedPw(pwhash, account.Salt, account.Hash) {
		return "", fmt.Errorf("invalid password")
	}

	// NOTE(review): the session key is derived from the submitted password
	// value and the current time, not from a random source. If
	// util.SaltedHash is a plain deterministic hash (not shown here), the key
	// is only as unpredictable as those two inputs; a token read from
	// crypto/rand would not depend on either. TODO confirm.
	sessionKey := util.SaltedHash(pwhash, time.Now().String())
	expiry := time.Now().Add(GetTimeout())

	// The entry is stored under the email, so presumably a later login for the
	// same email replaces it; verify against StoreKeyValue.
	if err := db.StoreKeyValue(d, SessionKeys, b(email), Login{sessionKey, expiry}); err != nil {
		return "", err
	}

	return sessionKey, nil
}
Beispiel #2
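// TestCheckHashedPw verifies that util.CheckHashedPw accepts a password that
// matches the given salt and hash and rejects one that does not.
//
// The rejection cases matter as much as the acceptance cases: with only
// expect == true rows, a CheckHashedPw that always returned true would pass.
//
// NOTE(review): the fixture salts and hashes are 40 hex digits, which looks
// like SHA-1 output. If CheckHashedPw is a single salted SHA-1, stored hashes
// are cheap to brute-force offline; confirm, and consider a password KDF
// (bcrypt, scrypt, Argon2).
func (s *UtilSuite) TestCheckHashedPw(c *gc.C) {
	cases := []struct {
		should    string
		givenPw   string
		givenSalt util.Salt
		givenHash util.Hash
		expect    bool
	}{{
		should:    "work",
		givenPw:   "foobar",
		givenSalt: "c9fd228aa912e8a3f591590e486719af283598f0",
		givenHash: "edd40ea1fef74898d639b6cdce7610c518487e2a",
		expect:    true,
	}, {
		should:    "also work",
		givenPw:   "deadbeef",
		givenSalt: "125b43964f67f88d7de538b1d310c479822a5d0d",
		givenHash: "50aa2ddda4f15d637585d2843242cba76d130afc",
		expect:    true,
	}, {
		// Same salt and hash as the first case, different password.
		should:    "reject a wrong password",
		givenPw:   "not-foobar",
		givenSalt: "c9fd228aa912e8a3f591590e486719af283598f0",
		givenHash: "edd40ea1fef74898d639b6cdce7610c518487e2a",
		expect:    false,
	}, {
		// A valid password checked against another record's salt and hash.
		should:    "reject a password paired with another salt and hash",
		givenPw:   "foobar",
		givenSalt: "125b43964f67f88d7de538b1d310c479822a5d0d",
		givenHash: "50aa2ddda4f15d637585d2843242cba76d130afc",
		expect:    false,
	}, {
		should:    "reject an empty password",
		givenPw:   "",
		givenSalt: "c9fd228aa912e8a3f591590e486719af283598f0",
		givenHash: "edd40ea1fef74898d639b6cdce7610c518487e2a",
		expect:    false,
	}}

	for i, tc := range cases {
		c.Logf("test %d: should %s", i, tc.should)
		result := util.CheckHashedPw(tc.givenPw, tc.givenSalt, tc.givenHash)
		// Check (not Assert) so one failing row does not hide the others.
		c.Check(result, gc.Equals, tc.expect)
	}
}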
Beispiel #3
// CheckUser verifies pwhash against the stored credentials for email.
//
// It returns nil when util.CheckHashedPw accepts pwhash for the user's Salt
// and Hash, the error from Get when the lookup fails, and an
// "invalid password" error otherwise. It creates no session.
//
// NOTE(review): a failed lookup and a wrong password produce different
// errors. If they reach the client unchanged, they may reveal whether an
// email is registered; confirm the caller returns one generic failure.
func CheckUser(d db.DB, email, pwhash string) error {
	account, err := Get(d, email)
	if err != nil {
		return err
	}

	if util.CheckHashedPw(pwhash, account.Salt, account.Hash) {
		return nil
	}
	return fmt.Errorf("invalid password")
}