func (suite *OauthTestSuite) TestSetPassword() { var ( user *User err error ) // Insert a test user without a password user = &User{ Username: "******", Password: util.StringOrNull(""), } if err := suite.db.Create(user).Error; err != nil { log.Fatal(err) } // Try to set an empty password err = suite.service.SetPassword(user, "") // Correct error should be returned if assert.NotNil(suite.T(), err) { assert.Equal(suite.T(), errCannotSetEmptyUserPassword, err) } // Try changing the password err = suite.service.SetPassword(user, "test_password") // Error should be nil assert.Nil(suite.T(), err) // User object should have been updated assert.Equal(suite.T(), "test@user_nopass", user.Username) assert.Nil(suite.T(), pass.VerifyPassword(user.Password.String, "test_password")) }
// AuthClient authenticates client func (s *Service) AuthClient(clientID, secret string) (*Client, error) { // Fetch the client client, err := s.FindClientByClientID(clientID) if err != nil { return nil, errors.New("Client not found") } // Verify the secret if password.VerifyPassword(client.Secret, secret) != nil { return nil, errors.New("Invalid secret") } return client, nil }
// AuthUser authenticates user func (s *Service) AuthUser(username, thePassword string) (*User, error) { // Fetch the user user, err := s.FindUserByUsername(username) if err != nil { return nil, errors.New("User not found") } // Verify the password if password.VerifyPassword(user.Password, thePassword) != nil { return nil, errors.New("Invalid password") } return user, nil }
// AuthClient authenticates client func (s *Service) AuthClient(clientID, secret string) (*Client, error) { // Fetch the client client, err := s.FindClientByClientID(clientID) if err != nil { return nil, errClientNotFound } // Verify the secret if password.VerifyPassword(client.Secret, secret) != nil { return nil, errInvalidClientSecret } return client, nil }
// AuthUser authenticates user func (s *Service) AuthUser(username, password string) (*User, error) { // Fetch the user user, err := s.FindUserByUsername(username) if err != nil { return nil, errUserNotFound } // Check that the password is set if !user.Password.Valid { return nil, errUserPasswordNotSet } // Verify the password if pass.VerifyPassword(user.Password.String, password) != nil { return nil, errInvalidUserPassword } return user, nil }