Esempio n. 1
0
// Create makes a new Admin account with a given email and pwhash.
func Create(d db.DB, email, pwhash string) (util.Key, error) {
	var none util.Key
	adminJSON, err := db.GetByKey(d, emails, []byte(email))

	switch {
	case err != nil:
		return none, err
	case len(adminJSON) != 0:
		return none, errors.AlreadyExistsf("admin for email %s:", email)
	}

	hash, salt := util.HashedAndSalt(pwhash, time.Now().String())
	seed := time.Now().String()
	key := util.SaltedHash(string(hash), seed)

	adm := &Admin{
		Email: email,
		Salt:  salt,
		Hash:  hash,
		Key:   key,
	}

	if err := db.StoreKeyValue(d, admins, []byte(key), adm); err != nil {
		return none, err
	}

	return key, db.StoreKeyValue(d, emails, []byte(email), adm)
}
Esempio n. 2
0
func LoginUser(d db.DB, email, pwhash string) (util.Key, error) {
	// Get the hash and password for the email.
	// util.CheckHashedPw(pw, salt, hash)
	// if ok, then log in.
	userBytes, err := db.GetByKey(d, Users, []byte(email))
	if err != nil {
		return "", err
	}

	if len(userBytes) == 0 {
		return "", fmt.Errorf("no user for email %q", email)
	}

	var u User
	err = json.Unmarshal(userBytes, &u)
	if err != nil {
		return "", err
	}

	ok := util.CheckHashedPw(pwhash, u.Salt, u.Hash)
	if !ok {
		return "", fmt.Errorf("invalid password")
	}

	key := util.SaltedHash(pwhash, time.Now().String())
	timeout := time.Now().Add(GetTimeout())
	err = db.StoreKeyValue(d, SessionKeys, b(email), Login{key, timeout})
	if err != nil {
		return "", err
	}

	return key, nil
}
Esempio n. 3
0
func cliCreate(c *cli.CLI, d db.DB) cli.CommandFunc {
	return func(args ...string) (cli.Response, error) {
		var (
			createArgs = make(map[string]string)
			email      string
			pwhash     string
			err        error
			none       = cli.Response("")
			rl         = c.Rl
		)

		if rl == nil {
			return none, errors.New("tried to create admin using nil readline")
		}

		for _, arg := range args {
			splt := strings.SplitN(arg, "=", 2)
			if len(splt) < 2 {
				return "", errors.New("create args must be of the form pw=foo email=bar")
			}
			createArgs[splt[0]] = splt[1]
		}

		email, ok := createArgs["email"]
		if !ok {
			email, err = getAdminEmail(rl, d)
			if err != nil {
				return none, err
			}
		}

		pw, ok := createArgs["pw"]
		if !ok {
			var b []byte
			b, err = rl.ReadPassword("Enter password: "******"key: " + string(key)), nil
	}
}
Esempio n. 4
0
func LoginUser(d db.DB, email, pwhash string) (util.Key, error) {
	if err := CheckUser(d, email, pwhash); err != nil {
		return "", err
	}

	key := util.SaltedHash(pwhash, time.Now().String())
	timeout := time.Now().Add(GetTimeout())

	err := db.StoreKeyValue(
		d,
		LoginKeys,
		[]byte(email),
		Login{key, timeout},
	)
	if err != nil {
		return "", err
	}

	return key, nil
}
Esempio n. 5
0
func (s *UtilSuite) TestSaltedHash(c *gc.C) {
	for i, t := range []struct {
		should    string
		givenPw   string
		givenSeed string
		expectKey util.Key
	}{{
		should:    "work",
		givenPw:   "foobar",
		givenSeed: "seedFooBar",
		expectKey: "edd40ea1fef74898d639b6cdce7610c518487e2a",
	}, {
		should:    "work",
		givenPw:   "deadbeef",
		givenSeed: "anotherseed",
		expectKey: "50aa2ddda4f15d637585d2843242cba76d130afc",
	}} {
		c.Logf("test %d: should %s", i, t.should)
		h := util.SaltedHash(t.givenPw, t.givenSeed)
		c.Check(string(h), gc.Equals, string(t.expectKey))
	}
}