Exemple #1
// LoginUser authenticates a username/password pair and, on success, resets the
// session and stores the user's identity in it.
//
// It returns (false, err) with ValidateLogin's error when the input is
// rejected, (false, errBadCredentials) when no user record is found or the
// password does not match, and (true, nil) once the session has been updated.
// An unknown username and a wrong password share the same error, so the
// returned error does not distinguish the two cases.
func LoginUser(sess *sessions.Session, uR *UserRepository, username string, password string) (bool, error) {
	// Reject input that fails validation before querying the repository.
	if err := ValidateLogin(username, password); err != nil {
		return false, err
	}

	// A zero ID is treated as "no such user".
	account := uR.ByUsername(username)
	if account.ID == 0 {
		// NOTE(review): this path returns without running the hash comparison,
		// so an unknown username may be answered measurably faster than a wrong
		// password. If username enumeration matters, consider comparing against
		// a fixed dummy hash here and rate-limiting login attempts upstream.
		return false, errBadCredentials
	}

	// account.Password is passed as the hash argument, so it presumably holds
	// the stored password hash rather than a plaintext value; confirm in hash.
	if !hash.CompareWithHash([]byte(account.Password), password) {
		return false, errBadCredentials
	}

	// Credentials accepted: empty the session before writing the identity so
	// nothing set before authentication carries over into the logged-in state.
	// NOTE(review): emptying the values does not by itself show that a
	// server-side session identifier is rotated; if the session store keys
	// sessions by ID, confirm the ID is regenerated on login.
	session.Empty(sess)

	sess.Values["user_id"] = account.ID
	sess.Values["username"] = account.Username

	return true, nil
}
Exemple #2
// ValidatePasswordChange checks a password-change request before it is applied.
//
// It returns errCurrPasswordDoesntMatch when currentPassword does not verify
// against user.Password, errPasswordDoesntMatch when newPassword and
// passwordConfirmation differ, and nil when both checks pass. The current
// password is verified first, so a request without it is rejected before the
// new values are compared.
//
// NOTE(review): no length or strength rule is applied to newPassword here, and
// it is not compared with the current password; presumably that is enforced by
// the caller. Confirm. uR is accepted but not read in this function.
func ValidatePasswordChange(
	uR *UserRepository,
	user User,
	currentPassword string,
	newPassword string,
	passwordConfirmation string) error {

	// Re-authenticate: the caller must prove knowledge of the current password.
	// user.Password is passed as the hash argument, so it presumably holds the
	// stored hash; confirm in hash.
	if !hash.CompareWithHash([]byte(user.Password), currentPassword) {
		return errCurrPasswordDoesntMatch
	}

	// Both values come from the same request, so a plain equality check is
	// sufficient for the confirmation field.
	if confirmed := strings.Compare(newPassword, passwordConfirmation) == 0; !confirmed {
		return errPasswordDoesntMatch
	}

	return nil
}