// Create makes a new Admin account with a given email and pwhash.
func Create(d db.DB, email, pwhash string) (util.Key, error) {
var none util.Key
adminJSON, err := db.GetByKey(d, emails, []byte(email))
switch {
case err != nil:
return none, err
case len(adminJSON) != 0:
return none, errors.AlreadyExistsf("admin for email %s:", email)
}
hash, salt := util.HashedAndSalt(pwhash, time.Now().String())
seed := time.Now().String()
key := util.SaltedHash(string(hash), seed)
adm := &Admin{
Email: email,
Salt: salt,
Hash: hash,
Key: key,
}
if err := db.StoreKeyValue(d, admins, []byte(key), adm); err != nil {
return none, err
}
return key, db.StoreKeyValue(d, emails, []byte(email), adm)
}
func (s *UtilSuite) TestHashedAndSalt(c *gc.C) {
for i, t := range []struct {
should string
givenPw string
givenSeed string
expectHash util.Hash
expectSalt util.Salt
}{{
should: "work",
givenPw: "foobar",
givenSeed: "seedFooBar",
expectHash: "edd40ea1fef74898d639b6cdce7610c518487e2a",
expectSalt: "c9fd228aa912e8a3f591590e486719af283598f0",
}, {
should: "work",
givenPw: "deadbeef",
givenSeed: "anotherseed",
expectHash: "50aa2ddda4f15d637585d2843242cba76d130afc",
expectSalt: "125b43964f67f88d7de538b1d310c479822a5d0d",
}} {
c.Logf("test %d: should %s", i, t.should)
h, s := util.HashedAndSalt(t.givenPw, t.givenSeed)
c.Check(string(h), gc.Equals, string(t.expectHash))
c.Check(string(s), gc.Equals, string(t.expectSalt))
}
}
func CreateUser(d db.DB, email, pwhash string) error {
userBytes, err := db.GetByKey(d, Users, []byte(email))
if err != nil {
return err
}
if len(userBytes) != 0 {
return errors.AlreadyExistsf("user for email %q", email)
}
seed := time.Now().String()
hash, salt := util.HashedAndSalt(pwhash, seed)
return db.StoreKeyValue(d, Users, b(email), User{
Email: email,
Salt: salt,
Hash: hash,
})
}