func TestRekey(t *testing.T) {
tmpdir, err := ioutil.TempDir("", "msgdb_test")
if err != nil {
t.Fatal(err)
}
defer os.RemoveAll(tmpdir)
dbname := filepath.Join(tmpdir, "msgdb")
passphrase := []byte(cipher.RandPass(cipher.RandReader))
if err := Create(dbname, passphrase, 64000); err != nil {
t.Fatal(err)
}
msgDB, err := Open(dbname, passphrase)
if err != nil {
t.Fatal(err)
}
msgDB.Close()
newPassphrase := []byte(cipher.RandPass(cipher.RandReader))
if err := Rekey(dbname, passphrase, newPassphrase, 32000); err != nil {
t.Fatal(err)
}
msgDB, err = Open(dbname, newPassphrase)
if err != nil {
t.Fatal(err)
}
if err := msgDB.Close(); err != nil {
t.Fatal(err)
}
}
func createDB() (tmpdir string, msgDB *MsgDB, err error) {
tmpdir, err = ioutil.TempDir("", "msgdb_test")
if err != nil {
return "", nil, err
}
dbname := filepath.Join(tmpdir, "msgdb")
passphrase := []byte(cipher.RandPass(cipher.RandReader))
if err := Create(dbname, passphrase, 64000); err != nil {
return "", nil, err
}
msgDB, err = Open(dbname, passphrase)
if err != nil {
return "", nil, err
}
return
}
func (lh *loginHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
if r.Method == "GET" {
if err := t.Execute(w, nil); err != nil {
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
} else {
if err := r.ParseForm(); err != nil {
http.Error(w, err.Error(), http.StatusBadRequest)
return
}
passphrase := r.Form["passphrase"][0]
lh.ce.passphrase = []byte(passphrase)
if err := lh.ce.prepare(lh.c, true, true); err != nil {
// TODO: allow to input passphrase again
http.Error(w, err.Error(), http.StatusForbidden)
return
}
fmt.Fprintln(lh.statusfp, "successful login")
// set cookie
secret := cipher.RandPass(cipher.RandReader)
auth.Lock()
auth.secret = secret
auth.Unlock()
cookie := &http.Cookie{
Name: "mute",
Value: secret,
Path: "/",
Expires: time.Now().UTC().AddDate(0, 0, 30),
}
http.SetCookie(w, cookie)
// redirect to SPA
http.Redirect(w, r, "/", http.StatusSeeOther)
}
}