// Register attempts to register the user given a request. func Register(r *http.Request) (bool, error) { username := r.FormValue("username") newPassword := r.FormValue("password") confirmPassword := r.FormValue("confirm_password") u, err := models.GetUserByUsername(username) // If we have an error which is not simply indicating that no user was found, report it if err != nil { fmt.Println(err) return false, err } u = models.User{} // If we've made it here, we should have a valid username given // Check that the passsword isn't blank if newPassword == "" { return false, ErrEmptyPassword } // Make sure passwords match if newPassword != confirmPassword { return false, ErrPasswordMismatch } // Let's create the password hash h, err := bcrypt.GenerateFromPassword([]byte(newPassword), bcrypt.DefaultCost) if err != nil { return false, err } u.Username = username u.Hash = string(h) u.ApiKey = GenerateSecureKey() err = models.PutUser(&u) return true, nil }
// Login attempts to login the user given a request. func Login(r *http.Request) (bool, models.User, error) { username, password := r.FormValue("username"), r.FormValue("password") u, err := models.GetUserByUsername(username) if err != nil && err != models.ErrUsernameTaken { return false, models.User{}, err } //If we've made it here, we should have a valid user stored in u //Let's check the password err = bcrypt.CompareHashAndPassword([]byte(u.Hash), []byte(password)) if err != nil { return false, models.User{}, ErrInvalidPassword } return true, u, nil }
// Login attempts to login the user given a request. func Login(r *http.Request) (bool, error) { username, password := r.FormValue("username"), r.FormValue("password") session, _ := Store.Get(r, "gophish") u, err := models.GetUserByUsername(username) if err != nil && err != models.ErrUsernameTaken { return false, err } //If we've made it here, we should have a valid user stored in u //Let's check the password err = bcrypt.CompareHashAndPassword([]byte(u.Hash), []byte(password)) if err != nil { ctx.Set(r, "user", nil) return false, ErrInvalidPassword } ctx.Set(r, "user", u) session.Values["id"] = u.Id return true, nil }
// Register attempts to register the user given a request. func Register(r *http.Request) (bool, error) { username, password := r.FormValue("username"), r.FormValue("password") u, err := models.GetUserByUsername(username) // If we have an error which is not simply indicating that no user was found, report it if err != nil { fmt.Println(err) return false, err } u = models.User{} //If we've made it here, we should have a valid username given //Let's create the password hash h, err := bcrypt.GenerateFromPassword([]byte(password), bcrypt.DefaultCost) if err != nil { return false, err } u.Username = username u.Hash = string(h) u.ApiKey = GenerateSecureKey() err = models.PutUser(&u) return true, nil }