// Create makes a new Admin account with a given email and pwhash. func Create(d db.DB, email, pwhash string) (util.Key, error) { var none util.Key adminJSON, err := db.GetByKey(d, emails, []byte(email)) switch { case err != nil: return none, err case len(adminJSON) != 0: return none, errors.AlreadyExistsf("admin for email %s:", email) } hash, salt := util.HashedAndSalt(pwhash, time.Now().String()) seed := time.Now().String() key := util.SaltedHash(string(hash), seed) adm := &Admin{ Email: email, Salt: salt, Hash: hash, Key: key, } if err := db.StoreKeyValue(d, admins, []byte(key), adm); err != nil { return none, err } return key, db.StoreKeyValue(d, emails, []byte(email), adm) }
func (s *UtilSuite) TestHashedAndSalt(c *gc.C) { for i, t := range []struct { should string givenPw string givenSeed string expectHash util.Hash expectSalt util.Salt }{{ should: "work", givenPw: "foobar", givenSeed: "seedFooBar", expectHash: "edd40ea1fef74898d639b6cdce7610c518487e2a", expectSalt: "c9fd228aa912e8a3f591590e486719af283598f0", }, { should: "work", givenPw: "deadbeef", givenSeed: "anotherseed", expectHash: "50aa2ddda4f15d637585d2843242cba76d130afc", expectSalt: "125b43964f67f88d7de538b1d310c479822a5d0d", }} { c.Logf("test %d: should %s", i, t.should) h, s := util.HashedAndSalt(t.givenPw, t.givenSeed) c.Check(string(h), gc.Equals, string(t.expectHash)) c.Check(string(s), gc.Equals, string(t.expectSalt)) } }
func CreateUser(d db.DB, email, pwhash string) error { userBytes, err := db.GetByKey(d, Users, []byte(email)) if err != nil { return err } if len(userBytes) != 0 { return errors.AlreadyExistsf("user for email %q", email) } seed := time.Now().String() hash, salt := util.HashedAndSalt(pwhash, seed) return db.StoreKeyValue(d, Users, b(email), User{ Email: email, Salt: salt, Hash: hash, }) }