Exemplo n.º 1
0
// CheckPass compares a password to the salt/hash combination; returns true
// if they match. It may be used in custom
func CheckPass(password string, salt, hash []byte) bool {
	if len(salt) == 0 || len(hash) == 0 {
		return false
	}
	ph := pbkdf2.PasswordHash{salt, hash}
	return pbkdf2.MatchPassword(password, ph)
}
Exemplo n.º 2
0
func processForm(form url.Values) (err error) {
	var seen bool
	fmt.Println("[-] processing form")
	if seen, err = urlSeen(form.Get("url")); err != nil {
		return
	} else if seen {
		fmt.Println("[!] url already shortened")
		return fmt.Errorf(urlAlreadyPresent)
	}

	fmt.Println("[-] lookup", form.Get("user"))
	pHash, err := getPassHash(form.Get("user"))
	if err != nil {
		return
	}
	if !pbkdf2.MatchPassword(form.Get("pass"), pHash) {
		fmt.Printf("[-] pass: %s\n\t%+v\n", form.Get("pass"), pHash)
		err = fmt.Errorf("invalid credentials")
		return
	}

	var shorturl string
	var notFound bool
	if len(form.Get("shortcode")) == 0 {
		shorturl, err = ShortenUrl(shortNotFound)
	} else {
		shorturl = form.Get("shortcode")
		if notFound, err = shortNotFound(shorturl); !notFound {
			err = fmt.Errorf("shortcode already exists")
			return
		} else if err != nil {
			return
		}
	}
	if err != nil {
		return
	}
	if err = insertShortened(shorturl, form.Get("url")); err != nil {
		return
	}
	return
}