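// TestVerifyPassword checks password.VerifyPassword against known
// bcrypt-format hashes. It covers three outcomes: a matching hash/plaintext
// pair is accepted, a well-formed hash paired with the wrong plaintext is
// rejected, and a malformed hash is rejected.
func TestVerifyPassword(t *testing.T) {
	// Known-good pairs: each hash is expected to verify against its plaintext.
	valid := []struct {
		hash  string
		plain string
	}{
		{
			hash:  "$2a$10$CUoGytf1pR7CC6Y043gt/.vFJUV4IRqvH5R6F0VfITP8s2TqrQ.4e",
			plain: "test_secret",
		},
		{
			hash:  "$2a$10$4J4t9xuWhOKhfjN0bOKNReS9sL3BVSN9zxIr2.VaWWQfRBWh1dQIS",
			plain: "test_password",
		},
	}

	// Test valid passwords
	for _, tc := range valid {
		assert.Nil(t, password.VerifyPassword(tc.hash, tc.plain))
	}

	// A well-formed hash must reject a plaintext it was not derived from.
	// Without these cases the only negative check is a malformed hash, so a
	// verifier that accepted any password for a parseable hash would still
	// pass this test.
	assert.NotNil(t, password.VerifyPassword(valid[0].hash, valid[1].plain))
	assert.NotNil(t, password.VerifyPassword(valid[1].hash, valid[0].plain))
	assert.NotNil(t, password.VerifyPassword(valid[0].hash, ""))

	// Test invalid password: the stored value is not a parseable hash at all.
	assert.NotNil(t, password.VerifyPassword("bogus", "password"))
}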
// AuthClient authenticates client func (s *Service) AuthClient(clientID, secret string) (*models.OauthClient, error) { // Fetch the client client, err := s.FindClientByClientID(clientID) if err != nil { return nil, ErrClientNotFound } // Verify the secret if password.VerifyPassword(client.Secret, secret) != nil { return nil, ErrInvalidClientSecret } return client, nil }
// AuthUser authenticates user func (s *Service) AuthUser(username, password string) (*models.OauthUser, error) { // Fetch the user user, err := s.FindUserByUsername(username) if err != nil { return nil, err } // Check that the password is set if !user.Password.Valid { return nil, ErrUserPasswordNotSet } // Verify the password if pass.VerifyPassword(user.Password.String, password) != nil { return nil, ErrInvalidUserPassword } return user, nil }