func (m DefaultManager) SaveAccount(account *auth.Account) error {
var (
hash string
eventType string
)
if account.Password != "" {
h, err := auth.Hash(account.Password)
if err != nil {
return err
}
hash = h
}
// check if exists; if so, update
acct, err := m.Account(account.Username)
if err != nil && err != ErrAccountDoesNotExist {
return err
}
// update
if acct != nil {
updates := map[string]interface{}{
"first_name": account.FirstName,
"last_name": account.LastName,
"roles": account.Roles,
}
if account.Password != "" {
updates["password"] = hash
}
if _, err := r.Table(tblNameAccounts).Filter(map[string]string{"username": account.Username}).Update(updates).RunWrite(m.session); err != nil {
return err
}
eventType = "update-account"
} else {
account.Password = hash
if _, err := r.Table(tblNameAccounts).Insert(account).RunWrite(m.session); err != nil {
return err
}
eventType = "add-account"
}
m.logEvent(eventType, fmt.Sprintf("username=%s", account.Username), []string{"security"})
return nil
}
func (m DefaultManager) ChangePassword(username, password string) error {
if !m.authenticator.IsUpdateSupported() {
return fmt.Errorf("not supported for authenticator: %s", m.authenticator.Name())
}
hash, err := auth.Hash(password)
if err != nil {
return err
}
if _, err := r.Table(tblNameAccounts).Filter(map[string]string{"username": username}).Update(map[string]string{"password": hash}).Run(m.session); err != nil {
return err
}
m.logEvent("change-password", username, []string{"security"})
return nil
}
