func (conn *CassConnection) CreateAccount(
	username,
	email,
	password string) (datalayer.Account, error) {

	salt := conn.dl.cfg.OptPasswordSecretSalt()
	hashCost := conn.dl.cfg.OptPasswordHashCost()

	password_hash, _ := bcrypt.GenerateFromPassword(
		[]byte(password+salt), int(hashCost))

	err := validateUsername(username)
	if err != nil {
		return nil, err
	}

	err = validateEmail(email)
	if err != nil {
		return nil, err
	}

	err = validatePassword(password)
	if err != nil {
		return nil, err
	}

	activation_code, err := random.Base64String(24)
	if err != nil {
		return nil, err
	}

	now := time.Now()

	// TODO: transactionize
	if err := conn.session.Query(`
            INSERT INTO accounts (
                username, 
                email, 
                password_hash, 
                activated, 
                activation_code,
                password_reset_code,
                password_reset_code_expiry)
            VALUES (?, ?, ?, ?, ?, ?, ?)
    `, username, email, password_hash, false, activation_code, "", now).Exec(); err != nil {
		canolog.Error("Error creating account:", err)
		return nil, err
	}

	if err := conn.session.Query(`
            INSERT INTO account_emails (email, username)
            VALUES (?, ?)
    `, email, username).Exec(); err != nil {
		canolog.Error("Error setting account email:", err)
		return nil, err
	}

	return &CassAccount{conn, username, email, password_hash, false, activation_code, "", now}, nil
}
Example #2
0
func (account *CassAccount) SetEmail(newEmail string) error {
	// validate new email address
	err := validateEmail(newEmail)
	if err != nil {
		return err
	}

	// generate new activation code
	newActivationCode, err := random.Base64String(24)
	if err != nil {
		return err
	}

	// TODO: transactionize
	// update accounts table
	err = account.conn.session.Query(`
            UPDATE accounts
            SET email = ?,
                activated = false,
                activation_code = ?
            WHERE username = ?
    `, newEmail, newActivationCode, account.Username()).Exec()
	if err != nil {
		canolog.Error("Error changing email address to", newEmail, ":", err)
		return err
	}

	// Update account_emails table
	// Remove old email address
	err = account.conn.session.Query(`
            DELETE FROM account_emails
            WHERE email = ?
    `, account.Email()).Exec()
	if err != nil {
		canolog.Error("Error removing old email while changing email address to", newEmail, ":", err)
		return err
	}

	// Add new email address
	err = account.conn.session.Query(`
            INSERT INTO account_emails (email, username)
            VALUES (?, ?)
    `, newEmail, account.Username()).Exec()
	if err != nil {
		canolog.Error("Error adding new email while changing email address to", newEmail, ":", err)
		return err
	}

	// update local copy
	account.activated = false
	account.activation_code = newActivationCode
	account.email = newEmail

	return nil
}
func (conn *CassConnection) CreateDevice(
	name string,
	uuid *gocql.UUID,
	secretKey string,
	publicAccessLevel datalayer.AccessLevel) (datalayer.Device, error) {
	// TODO: validate parameters
	var id gocql.UUID
	var err error

	if uuid == nil {
		id, err = gocql.RandomUUID()
		if err != nil {
			return nil, err
		}
	} else {
		id = *uuid
	}

	if secretKey == "" {
		secretKey, err = random.Base64String(24)
		if err != nil {
			return nil, err
		}
	}

	err = conn.session.Query(`
            INSERT INTO devices (device_id, secret_key, friendly_name, public_access_level)
            VALUES (?, ?, ?, ?)
    `, id, secretKey, name, publicAccessLevel).Exec()
	if err != nil {
		canolog.Error("Error creating device:", err)
		return nil, err
	}
	return &CassDevice{
		conn:              conn,
		deviceId:          id,
		secretKey:         secretKey,
		name:              name,
		doc:               sddl.Sys.NewEmptyDocument(),
		docString:         "",
		publicAccessLevel: publicAccessLevel,
		locationNote:      "",
		wsConnected:       false,
	}, nil
}
Example #4
0
func (account *CassAccount) GenResetPasswordCode() (string, error) {
	// Generate Password Reset Code
	reset_code, err := random.Base64String(24)
	if err != nil {
		return "", err
	}

	expiry := time.Now().Add(time.Hour * 24)

	err = account.conn.session.Query(`
            UPDATE accounts
            SET password_reset_code = ?,
                password_reset_code_expiry = ?
            WHERE username = ?
    `, reset_code, expiry, account.Username()).Exec()
	if err != nil {
		return "", err
	}
	account.password_reset_code = reset_code
	account.password_reset_code_expiry = expiry
	return reset_code, nil
}