// SetPassword sets the password associated with the user.
func (u *User) SetPassword(password string) error {
salt, err := utils.RandomSalt()
if err != nil {
return err
}
return u.SetPasswordHash(utils.UserPasswordHash(password, salt), salt)
}
// AddUser adds a user to the state.
func (st *State) AddUser(name, password string) (*User, error) {
if !validUser.MatchString(name) {
return nil, fmt.Errorf("invalid user name %q", name)
}
salt, err := utils.RandomSalt()
if err != nil {
return nil, err
}
u := &User{
st: st,
doc: userDoc{
Name: name,
PasswordHash: utils.UserPasswordHash(password, salt),
PasswordSalt: salt,
},
}
ops := []txn.Op{{
C: st.users.Name,
Id: name,
Assert: txn.DocMissing,
Insert: &u.doc,
}}
err = st.runTransaction(ops)
if err == txn.ErrAborted {
err = fmt.Errorf("user already exists")
}
if err != nil {
return nil, err
}
return u, nil
}
func (passwordSuite) TestRandomSalt(c *gc.C) {
salt, err := utils.RandomSalt()
c.Assert(err, gc.IsNil)
if len(salt) < 12 {
c.Errorf("salt too short: %q", salt)
}
// check we're not adding base64 padding.
c.Assert(salt, gc.Matches, base64Chars)
}