Example #1
0
func (suite *OauthTestSuite) TestSetPassword() {
	var (
		user *User
		err  error
	)

	// Insert a test user without a password
	user = &User{
		Username: "******",
		Password: util.StringOrNull(""),
	}
	if err := suite.db.Create(user).Error; err != nil {
		log.Fatal(err)
	}

	// Try to set an empty password
	err = suite.service.SetPassword(user, "")

	// Correct error should be returned
	if assert.NotNil(suite.T(), err) {
		assert.Equal(suite.T(), errCannotSetEmptyUserPassword, err)
	}

	// Try changing the password
	err = suite.service.SetPassword(user, "test_password")

	// Error should be nil
	assert.Nil(suite.T(), err)

	// User object should have been updated
	assert.Equal(suite.T(), "test@user_nopass", user.Username)
	assert.Nil(suite.T(), pass.VerifyPassword(user.Password.String, "test_password"))
}
Example #2
0
// AuthClient authenticates client
func (s *Service) AuthClient(clientID, secret string) (*Client, error) {
	// Fetch the client
	client, err := s.FindClientByClientID(clientID)
	if err != nil {
		return nil, errors.New("Client not found")
	}

	// Verify the secret
	if password.VerifyPassword(client.Secret, secret) != nil {
		return nil, errors.New("Invalid secret")
	}

	return client, nil
}
Example #3
0
// AuthUser authenticates user
func (s *Service) AuthUser(username, thePassword string) (*User, error) {
	// Fetch the user
	user, err := s.FindUserByUsername(username)
	if err != nil {
		return nil, errors.New("User not found")
	}

	// Verify the password
	if password.VerifyPassword(user.Password, thePassword) != nil {
		return nil, errors.New("Invalid password")
	}

	return user, nil
}
Example #4
0
// AuthClient authenticates client
func (s *Service) AuthClient(clientID, secret string) (*Client, error) {
	// Fetch the client
	client, err := s.FindClientByClientID(clientID)
	if err != nil {
		return nil, errClientNotFound
	}

	// Verify the secret
	if password.VerifyPassword(client.Secret, secret) != nil {
		return nil, errInvalidClientSecret
	}

	return client, nil
}
Example #5
0
// AuthUser authenticates user
func (s *Service) AuthUser(username, password string) (*User, error) {
	// Fetch the user
	user, err := s.FindUserByUsername(username)
	if err != nil {
		return nil, errUserNotFound
	}

	// Check that the password is set
	if !user.Password.Valid {
		return nil, errUserPasswordNotSet
	}

	// Verify the password
	if pass.VerifyPassword(user.Password.String, password) != nil {
		return nil, errInvalidUserPassword
	}

	return user, nil
}