// BeforeCreate fills in the derived fields of a User before the record is
// created: a UUID computed from the e-mail address, a fresh salt, the salted
// password hash (which replaces the plaintext in u.Password) and an
// activation token. Presumably invoked by the ORM as a create hook; the call
// site is not shown here.
//
// If any UUID generation fails, the error is printed and returned, and the
// user is left unmodified.
//
// NOTE(review): u.Uuid is a name-based (version 5) UUID over the e-mail
// address, so it is reproducible by anyone who knows that address. Treat it
// as a public identifier only, never as a secret or as proof of authorization.
//
// NOTE(review): utils.Hash is not shown here. If it is a single pass of a
// general-purpose digest, stored passwords are cheap to guess offline after a
// database leak; a dedicated password hashing scheme (bcrypt, scrypt, Argon2)
// is the usual choice. Also confirm uuid.NewV4 draws from a CSPRNG, since its
// output is used as the activation token.
func (u *User) BeforeCreate() (err error) {
	id, err := uuid.NewV5(uuid.NamespaceURL, []byte(u.Email))
	if err != nil {
		fmt.Println("UUID error:", err)
		return err
	}

	saltID, err := uuid.NewV4()
	if err != nil {
		fmt.Println("Salt error:", err)
		return err
	}

	activation, err := uuid.NewV4()
	if err != nil {
		fmt.Println("Token error:", err)
		return err
	}

	// Nothing on u is touched until every value has been generated.
	salt := saltID.String()
	u.Password = utils.Hash([]byte(u.Password), []byte(salt))
	u.Salt = salt
	u.Uuid = id.String()
	u.ActivationToken = activation.String()
	return nil
}
// GET /users/user/:uuid/reset func GetUsersReset(r render.Render, params martini.Params) { user := db.User{} if db.DB.Where("uuid = ?", params["uuid"]).First(&user).RecordNotFound() { r.Error(404) } else { password := utils.RandPassword(8) user.Password = utils.Hash([]byte(password), []byte(user.Salt)) db.DB.Save(&user) go utils.SendResetPassword(user.Email, password) r.Redirect("/users") } }
// Auth authenticates a user from an e-mail address and a plaintext password.
//
// It loads the user by e-mail, hashes the supplied password with the user's
// stored salt and compares the result with the stored hash. On a match it
// saves a new Session for the user and returns that session's Uuid. On
// failure session_id is empty and err is the lookup error, the session save
// error, or "Wrong password".
//
// NOTE(review): the hash comparison uses ordinary string inequality, which is
// not constant-time; crypto/subtle.ConstantTimeCompare is the usual
// replacement.
//
// NOTE(review): an unknown e-mail and a wrong password produce different
// errors. Callers should present both to the client as one generic failure
// so the response does not reveal which addresses are registered. No attempt
// limiting is visible here; confirm it exists upstream.
func Auth(email string, password string) (session_id string, err error) {
	var account User
	// The "?" placeholder keeps the supplied e-mail out of the SQL text.
	if err = DB.Where("email = ?", email).First(&account).Error; err != nil {
		return "", err
	}

	candidate := utils.Hash([]byte(password), []byte(account.Salt))
	if candidate != account.Password {
		return "", errors.New("Wrong password")
	}

	// sess.Uuid is read back after Save; presumably a hook on Session fills
	// it in, as BeforeCreate does for User. Verify against Session.
	sess := Session{User_id: account.Uuid}
	if err = DB.Save(&sess).Error; err != nil {
		return "", err
	}
	return sess.Uuid, nil
}