// register a user
func (this *UserService) RegisterUser(u *user.User, username, email, password string, userType *user.UserType, role *user.Role) error {
u.UserType = userType
// use random salt encode password
salt := GetUserSalt()
pwd := utils.EncodePassword(password, salt)
u.Username = strings.ToLower(username)
u.Email = strings.ToLower(email)
// save salt and encode password, use $ as split char
u.Password = fmt.Sprintf("%s$%s", salt, pwd)
u.PasswordSalt = salt
var err error
tr := orm.NewOrm()
tr.Begin()
if err = this.InsertWithScope(tr, u); err == nil {
roleService := RoleService{}
err = roleService.InsertUsersWithScope(tr, role, u)
}
if err == nil {
tr.Commit()
} else {
tr.Rollback()
}
return err
}
// set a new password to user
func (this *UserService) SaveNewPassword(u *user.User, password string) error {
salt := GetUserSalt()
u.Password = fmt.Sprintf("%s$%s", salt, utils.EncodePassword(password, salt))
u.PasswordSalt = salt
_, err := orm.NewOrm().Update(u, "Password", "PasswordSalt", "Updated")
return err
}
// compare raw password and encoded password
func (this *UserService) VerifyPassword(rawPwd, encodedPwd string) bool {
// for discuz accounts
if len(encodedPwd) == 39 {
salt := encodedPwd[:6]
encoded := encodedPwd[7:]
return encoded == utils.EncodeMd5(utils.EncodeMd5(rawPwd)+salt)
}
// split
var salt, encoded string
if len(encodedPwd) > 11 {
salt = encodedPwd[:10]
encoded = encodedPwd[11:]
}
return utils.EncodePassword(rawPwd, salt) == encoded
}
func TestPasswordSpec(t *testing.T) {
password := "******"
var err error
Convey("Authentication Testing", t, func() {
Convey("generateSalt()", func() {
salt := GetUserSalt()
So(salt, ShouldNotBeBlank)
So(len(salt), ShouldEqual, 10)
})
Convey("hashPassword()", func() {
hash := utils.EncodePassword(password, GetUserSalt())
So(hash, ShouldNotBeBlank)
So(len(hash), ShouldEqual, 100)
})
Convey("Create a user", func() {
u := new(user.User)
u.Username = "******"
u.Password = password
db := orm.NewOrm()
//ensure testuser not exist in the database
_, err = db.Raw("delete from role where role_info_id = (select id from user_info where user_name = ? limit 1)", u.Username).Exec()
if err != nil {
Println(err)
}
_, err = db.Raw("delete from user_info where user_name=?", u.Username).Exec()
if err != nil {
Println(err)
}
err := userServ.RegisterUser(u, "testuser", "*****@*****.**", password, &model.UserType{Id: 1}, &model.Role{Id: 2})
if err != nil {
Println(err)
}
So(err, ShouldEqual, nil)
So(u.Id, ShouldBeGreaterThan, 0)
Convey("VerifyUser()", func() {
So(userServ.VerifyUser(u, u.Username, password), ShouldEqual, true)
})
Convey("CanRegister()", func() {
var canName, canEmail bool = true, true
canName, canEmail, _ = userServ.CanRegistered("testuser", "*****@*****.**")
So(canName, ShouldEqual, false)
So(canEmail, ShouldEqual, false)
canName, canEmail, _ = userServ.CanRegistered("testuser", "*****@*****.**")
So(canName, ShouldEqual, false)
So(canEmail, ShouldEqual, true)
canName, canEmail, _ = userServ.CanRegistered("whatever", "*****@*****.**")
So(canName, ShouldEqual, true)
So(canEmail, ShouldEqual, false)
canName, canEmail, _ = userServ.CanRegistered("whatever", "*****@*****.**")
So(canName, ShouldEqual, true)
So(canEmail, ShouldEqual, true)
})
Convey("HasUser()", func() {
So(userServ.HasUser(u, "testuser"), ShouldEqual, true)
})
Convey("SaveNewPassword()", func() {
newPassword := "******"
userServ.SaveNewPassword(u, newPassword)
So(userServ.VerifyUser(u, u.Username, password), ShouldEqual, false)
So(userServ.VerifyUser(u, u.Username, newPassword), ShouldEqual, true)
})
Convey("FuzzySearch()", func() {
var users []*model.User
userServ.FuzzySearch(&users, "t", 2, 0, 200)
So(len(users), ShouldBeGreaterThanOrEqualTo, 1)
})
})
})
}