Esempio n. 1
0
// register a user
func (this *UserService) RegisterUser(u *user.User, username, email, password string, userType *user.UserType, role *user.Role) error {
	u.UserType = userType
	// use random salt encode password
	salt := GetUserSalt()
	pwd := utils.EncodePassword(password, salt)

	u.Username = strings.ToLower(username)
	u.Email = strings.ToLower(email)

	// save salt and encode password, use $ as split char
	u.Password = fmt.Sprintf("%s$%s", salt, pwd)
	u.PasswordSalt = salt

	var err error
	tr := orm.NewOrm()
	tr.Begin()
	if err = this.InsertWithScope(tr, u); err == nil {
		roleService := RoleService{}
		err = roleService.InsertUsersWithScope(tr, role, u)
	}
	if err == nil {
		tr.Commit()
	} else {
		tr.Rollback()
	}
	return err
}
Esempio n. 2
0
func (this *BaseController) LoginUserFromRememberCookie(u *user.User, ctx *context.Context) (success bool) {
	userName := ctx.GetCookie(setting.CookieUsername)
	if len(userName) == 0 {
		return false
	}

	defer func() {
		if !success {
			this.DeleteRememberCookie(ctx)
		}
	}()
	u.Username = userName
	if err := this.UserService.Read(u, "Username"); err != nil {
		return false
	}

	secret := utils.EncodeMd5(u.PasswordSalt + u.Password)
	value, _ := ctx.GetSecureCookie(secret, setting.CookieRememberName)
	if value != userName {
		return false
	}

	this.LoginUserRememberCookie(u, ctx, true)

	return true
}
Esempio n. 3
0
func (this *UserController) getUser(u *user.User) bool {
	username := this.GetString(":username")
	u.Username = username
	err := this.UserService.Read(u, "Username")
	if err != nil {
		this.Abort("404")
		return true
	}
	this.Data["TheUser"] = &u

	return false
}
Esempio n. 4
0
// check if exist user by username or email, ignore "deleted" users
func (this *UserService) HasUser(user *user.User, username string) bool {
	var err error
	qs := orm.NewOrm()
	if strings.IndexRune(username, '@') == -1 {
		user.Username = username
		err = qs.Read(user, "Username", "Deleted")
	} else {
		user.Email = username
		err = qs.Read(user, "Email", "Deleted")
	}
	if err == nil {
		return true
	}
	return false
}
Esempio n. 5
0
// get user by erify code
func (this *UserService) getVerifyUser(u *user.User, code string) bool {
	if len(code) <= utils.TimeLimitCodeLength {
		return false
	}

	// use tail hex username query user
	hexStr := code[utils.TimeLimitCodeLength:]
	if b, err := hex.DecodeString(hexStr); err == nil {
		u.Username = string(b)
		if this.Read(u, "Username") == nil {
			return true
		}
	}

	return false
}
Esempio n. 6
0
func TestPasswordSpec(t *testing.T) {
	password := "******"
	var err error
	Convey("Authentication Testing", t, func() {
		Convey("generateSalt()", func() {
			salt := GetUserSalt()
			So(salt, ShouldNotBeBlank)
			So(len(salt), ShouldEqual, 10)
		})

		Convey("hashPassword()", func() {
			hash := utils.EncodePassword(password, GetUserSalt())
			So(hash, ShouldNotBeBlank)
			So(len(hash), ShouldEqual, 100)
		})

		Convey("Create a user", func() {
			u := new(user.User)
			u.Username = "******"
			u.Password = password
			db := orm.NewOrm()
			//ensure testuser not exist in the database
			_, err = db.Raw("delete from role where role_info_id = (select id from user_info where user_name = ? limit 1)", u.Username).Exec()
			if err != nil {
				Println(err)
			}
			_, err = db.Raw("delete from user_info where user_name=?", u.Username).Exec()
			if err != nil {
				Println(err)
			}
			err := userServ.RegisterUser(u, "testuser", "*****@*****.**", password, &model.UserType{Id: 1}, &model.Role{Id: 2})
			if err != nil {
				Println(err)
			}
			So(err, ShouldEqual, nil)
			So(u.Id, ShouldBeGreaterThan, 0)

			Convey("VerifyUser()", func() {
				So(userServ.VerifyUser(u, u.Username, password), ShouldEqual, true)
			})

			Convey("CanRegister()", func() {
				var canName, canEmail bool = true, true
				canName, canEmail, _ = userServ.CanRegistered("testuser", "*****@*****.**")
				So(canName, ShouldEqual, false)
				So(canEmail, ShouldEqual, false)
				canName, canEmail, _ = userServ.CanRegistered("testuser", "*****@*****.**")
				So(canName, ShouldEqual, false)
				So(canEmail, ShouldEqual, true)
				canName, canEmail, _ = userServ.CanRegistered("whatever", "*****@*****.**")
				So(canName, ShouldEqual, true)
				So(canEmail, ShouldEqual, false)
				canName, canEmail, _ = userServ.CanRegistered("whatever", "*****@*****.**")
				So(canName, ShouldEqual, true)
				So(canEmail, ShouldEqual, true)
			})

			Convey("HasUser()", func() {
				So(userServ.HasUser(u, "testuser"), ShouldEqual, true)
			})

			Convey("SaveNewPassword()", func() {
				newPassword := "******"
				userServ.SaveNewPassword(u, newPassword)
				So(userServ.VerifyUser(u, u.Username, password), ShouldEqual, false)
				So(userServ.VerifyUser(u, u.Username, newPassword), ShouldEqual, true)
			})

			Convey("FuzzySearch()", func() {
				var users []*model.User
				userServ.FuzzySearch(&users, "t", 2, 0, 200)
				So(len(users), ShouldBeGreaterThanOrEqualTo, 1)
			})
		})

	})
}