Exemple #1
0
func authClient(clientId, clientSecret string) error {
	acc, err := db.Search(clientId, "", 1, 0)
	if err != nil {
		return errors.InternalServerError("go.micro.srv.auth", "server_error")
	}

	if len(acc) == 0 {
		return errors.BadRequest("go.micro.srv.auth", "invalid_request")
	}

	// check the secret
	salt, secret, err := db.SaltAndSecret(acc[0].Id)
	if err != nil {
		return errors.InternalServerError("go.micro.srv.auth", "server_error")
	}

	s, err := base64.StdEncoding.DecodeString(secret)
	if err != nil {
		return errors.InternalServerError("go.micro.srv.auth", "server_error")
	}

	// does it match?
	if err := bcrypt.CompareHashAndPassword(s, []byte(x+salt+clientSecret)); err != nil {
		return errors.BadRequest("go.micro.srv.auth", "access_denied")
	}

	return nil
}
Exemple #2
0
func (s *Account) Search(ctx context.Context, req *account.SearchRequest, rsp *account.SearchResponse) error {
	if req.Limit <= 0 {
		req.Limit = 10
	}
	if req.Offset < 0 {
		req.Offset = 0
	}

	accounts, err := db.Search(req.ClientId, req.Type, req.Limit, req.Offset)
	if err != nil {
		return err
	}
	rsp.Accounts = accounts
	return nil
}