func TestChangePassword(t *testing.T) { user := vsafe.User{Id: 1} var err error if err = user.Init("keep94", "somepassword"); err != nil { t.Fatalf("Error creating user: %v", err) } if err = user.ChangePassword("somepassword", "another"); err != nil { t.Fatalf("Verify password failed: %v", err) } if _, err = user.VerifyPassword("another"); err != nil { t.Error("Expected password to change") } if err = user.ChangePassword("somepassword", "be"); err != vsafe.ErrWrongPassword { t.Errorf("Expected ErrWrongPassword, got %v", err) } }
func UpdateUser(t *testing.T, store UpdateUserStore) { var first, second vsafe.User var firstResult, secondResult vsafe.User createUsers(t, store, &first, &second) first.Name = "John Doe" first.Key = "John Doe Key" if err := store.UpdateUser(nil, &first); err != nil { t.Fatalf("Got error updating user: %v", err) } if err := store.UserById(nil, first.Id, &firstResult); err != nil { t.Fatalf("Got error reading database by id: %v", err) } if err := store.UserById(nil, second.Id, &secondResult); err != nil { t.Fatalf("Got error reading database by id: %v", err) } assertUserEqual(t, &first, &firstResult) assertUserEqual(t, &second, &secondResult) if err := store.UserById(nil, kBadId, &firstResult); err != vsafedb.ErrNoSuchId { t.Errorf("Expected ErrNoSuchId, got %v", err) } }
// ChangePassword changes the password of a user in persistent storage. // t, the transaction, must be non nil. func ChangePassword( store SafeUpdateUserRunner, t db.Transaction, id int64, oldPass, newPass string) (*vsafe.User, error) { if t == nil { panic("Transaction must be non-nil") } var user vsafe.User err := store.UserById(t, id, &user) if err != nil { return nil, err } if err = user.ChangePassword(oldPass, newPass); err != nil { return nil, err } if err = store.UpdateUser(t, &user); err != nil { return nil, err } return &user, nil }
func TestChangePassword(t *testing.T) { var user vsafe.User if err := user.Init("foo", "password"); err != nil { t.Fatalf("Error initializing user %v", err) } var store FakeUserStore if err := store.AddUser(nil, &user); err != nil { t.Fatalf("Error adding user %v", err) } if _, err := vsafedb.ChangePassword( store, kTransaction, user.Id+1, "password", "board"); err != vsafedb.ErrNoSuchId { t.Errorf("Expected ErrNoSuchId, got %v", err) } if _, err := vsafedb.ChangePassword( store, kTransaction, user.Id, "wrong", "board"); err != vsafe.ErrWrongPassword { t.Errorf("Expected ErrWrongPassword, got %v", err) } newUser, err := vsafedb.ChangePassword( store, kTransaction, user.Id, "password", "board") if err != nil { t.Errorf("Expected no error, got %v", err) } if _, err := newUser.VerifyPassword("board"); err != nil { t.Errorf("Got error verifying password, %v", err) } var readUser vsafe.User if err := store.UserById(nil, user.Id, &readUser); err != nil { t.Fatalf("Got error reading database, %v", err) } if _, err := readUser.VerifyPassword("board"); err != nil { t.Errorf("Got error verifying password, %v", err) } }
func main() { flag.Parse() if fDb == "" || fName == "" || fPassword == "" { fmt.Println("Need to specify -db, -name, and -password flag.") flag.Usage() return } conn, err := sqlite.Open(fDb) if err != nil { fmt.Printf("Unable to open database - %s\n", fDb) return } dbase := sqlite_db.New(conn) defer dbase.Close() store := for_sqlite.New(dbase) doer := sqlite_db.NewDoer(dbase) var user vsafe.User if err = store.UserByName(nil, fName, &user); err != nil { fmt.Printf("Error retrieving user - %v\n", err) return } var key *vsafe.Key if key, err = user.VerifyPassword(fPassword); err != nil { fmt.Printf("Error verifying user password - %v\n", err) return } decoder := json.NewDecoder(os.Stdin) var entryList []*jsonEntry if err = decoder.Decode(&entryList); err != nil { fmt.Printf("Error decoding json - %v\n", err) return } err = doer.Do(func(t db.Transaction) error { return doImport(t, store, entryList, key) }) if err != nil { fmt.Printf("Import failed - %v\n", err) } }
func (h *Handler) ServeHTTP(w http.ResponseWriter, r *http.Request) { if r.Method == "GET" { http_util.WriteTemplate(w, kTemplate, nil) } else { r.ParseForm() userName := r.Form.Get("name") password := r.Form.Get("password") var user vsafe.User err := h.Store.UserByName(nil, userName, &user) if err == vsafedb.ErrNoSuchId { http_util.WriteTemplate(w, kTemplate, "Login incorrect.") return } if err != nil { http_util.ReportError(w, "Database error", err) return } key, err := user.VerifyPassword(password) if err == vsafe.ErrWrongPassword { http_util.WriteTemplate(w, kTemplate, "Login incorrect.") return } if err != nil { http_util.ReportError(w, "Error verifying password", err) return } gs, err := common.NewGorillaSession(h.SessionStore, r) if err != nil { http_util.ReportError(w, "Error creating session", err) return } session := common.CreateUserSession(gs) session.SetUserId(user.Id) session.SetKey(key) session.ID = "" // For added security, force a new session ID session.Save(r, w) http_util.Redirect(w, r, r.Form.Get("prev")) } }
func main() { flag.Parse() if fDb == "" || fName == "" || fPassword == "" { fmt.Println("Need to specify -db, -name, and -password flag.") flag.Usage() return } conn, err := sqlite.Open(fDb) if err != nil { fmt.Printf("Unable to open database - %s\n", fDb) return } dbase := sqlite_db.New(conn) defer dbase.Close() err = dbase.Do(func(conn *sqlite.Conn) error { return sqlite_setup.SetUpTables(conn) }) if err != nil { fmt.Printf("Unable to create tables - %v\n", err) return } store := for_sqlite.New(dbase) var user vsafe.User if fMasterName == "" { err = user.Init(fName, fPassword) } else { var master vsafe.User if err = store.UserByName(nil, fMasterName, &master); err != nil { fmt.Printf("Error retrieving master user - %v\n", err) return } var key *vsafe.Key if key, err = master.VerifyPassword(fMasterPassword); err != nil { fmt.Printf("Error verifying master password - %v\n", err) return } err = user.InitWithKey(fName, fPassword, key) } if err != nil { fmt.Printf("Error initializing user - %v\n", err) return } if err = store.AddUser(nil, &user); err != nil { fmt.Printf("Error storing user in database - %v\n", err) return } }
func TestKey(t *testing.T) { user := vsafe.User{Id: 1} var err error if err = user.Init("keep94", "somepassword"); err != nil { t.Fatalf("Error creating user: %v", err) } user2 := vsafe.User{Id: 2} if err = user2.Init("keep94", "somepassword"); err != nil { t.Fatalf("Error creating user: %v", err) } var key *vsafe.Key if key, err = user.VerifyPassword("somepassword"); err != nil { t.Fatalf("Verify password failed: %v", err) } var keyAgain *vsafe.Key if keyAgain, err = user.VerifyPassword("somepassword"); err != nil { t.Fatalf("Verify password failed: %v", err) } var key2 *vsafe.Key if key2, err = user2.VerifyPassword("somepassword"); err != nil { t.Fatalf("Verify password failed: %v", err) } if !key.Equal(keyAgain) { t.Errorf("Expected equal keys") } if key.Equal(key2) { t.Errorf("Expected unequal keys") } }
func TestUser(t *testing.T) { user := vsafe.User{Id: 1} var err error var key *vsafe.Key var key2 *vsafe.Key if err = user.Init("keep94", "somepassword"); err != nil { t.Fatalf("Error creating user: %v", err) } if key, err = user.VerifyPassword("somepassword"); err != nil { t.Fatalf("Verify password failed: %v", err) } if _, err = user.VerifyPassword("aardvark"); err != vsafe.ErrWrongPassword { t.Errorf("Expected wrong password, got %v", err) } user2 := vsafe.User{Id: 2} if err = user2.InitWithKey("keep94+admin", "foo", key); err != nil { t.Fatalf("Error creating user: %v", err) } if key2, err = user2.VerifyPassword("foo"); err != nil { t.Fatalf("Verify password failed: %v", err) } if !key2.Equal(key) { t.Error("key and key2 should be equal.") } if key.Id != 1 { t.Error("Expected key Id to be 1") } }
func (f *FakeUserStore) AddUser(t db.Transaction, u *vsafe.User) error { u.Id = int64(len(*f) + 1) stored := *u *f = append(*f, &stored) return nil }