// ChangePassword changes the password of the user. // If force, passworldOld is irrelevant and the password is changed in any case. func ChangePassword(email, password, passwordNew string, force bool) error { credentials, err := GetCredentials(lc(email)) if err != nil { return err } auth := force || crypto.VerifyPassword(credentials.Crypto, password) if auth { newCrypto, err := crypto.HashPassword(passwordNew) if err != nil { return err } credentials.Crypto = newCrypto credentials.Version.Increment() _, err = GetCredentialsPersistor().GetCollection().UpsertId(credentials.BsonId, credentials) return err } return errors.New("Authorization Error: Could not change password.") }
// CreateCustomerCredentials func CreateCustomerCredentials(email, password string) error { if password == "" { log.Println("WARNING: Empty password is reserved for guest customer (and will not grant access).") } available, err := CheckLoginAvailable(lc(email)) if err != nil { return err } if !available { return errors.New(lc(email) + " is already taken!") } crypto, err := crypto.HashPassword(password) if err != nil { return err } credentials := &CustomerCredentials{ Version: version.NewVersion(), Email: lc(email), Crypto: crypto, } p := GetCredentialsPersistor() return p.GetCollection().Insert(credentials) }