Exemplo n.º 1
0
Arquivo: auth.go Projeto: natmeox/mess
func (w *DatabaseWorld) AccountForLogin(name, password string) (acc *Account) {
	acc = &Account{}
	row := w.db.QueryRow("SELECT loginname, passwordhash, character, created FROM account WHERE loginname = $1",
		name)
	err := row.Scan(&acc.LoginName, &acc.PasswordHash, &acc.Character, &acc.Created)
	// TODO: oh look there are timing attacks wheeeeeeee
	if err != nil {
		thing, ok := err.(pq.PGError)
		var message string
		if ok {
			message = thing.Get('M')
		} else {
			message = err.Error()
		}
		log.Println("Error loading account with name", name, ":", message)
		return nil
	}

	if !bcrypt.Match(password, acc.PasswordHash) {
		log.Println("Bad login attempt for account", name)
		return nil
	}

	return
}
Exemplo n.º 2
0
func TestCreateUser(t *testing.T) {
	InitTests()
	req, _ := http.NewRequest("POST", server.URL+"/u/gino/", strings.NewReader(url.Values{"password": {"berlino"}, "isadmin": {"1"}}.Encode()))
	req.SetBasicAuth("admin", "asdf")
	resp, err := http.DefaultClient.Do(req)

	if err != nil {
		t.Errorf("%v", err)
	}
	if resp.StatusCode != 200 {
		t.Errorf("Server responded with %v, expected 200", resp.StatusCode)
		t.FailNow()
	}
	client := connectToRedis()
	defer client.Close()
	v := client.HGetAll("user:gino").Val()
	if !(bcrypt.Match("berlino", v[3])) {
		t.Errorf("%v v1 is %v and v2 is %v %v", v[0], v[1], v[2], v[3])
		t.FailNow()
	}
}
Exemplo n.º 3
0
func (u User) Validate(p string) bool {
	return bcrypt.Match(p, u.Hash)
}
Exemplo n.º 4
0
func PassMatch(p string, hash string) bool {
	if bcrypt.Match(p, hash) {
		return true
	}
	return false
}
Exemplo n.º 5
0
// Returns false if the password does not match or if the user is not there
func checkUserPass(user string, pass string, client *redis.Client) bool {
	if client.Exists("user:"******"user:"******"password").Val()[0].(string))
	}
	return false
}
Exemplo n.º 6
0
func (account *Account) HasPassword(pass string) bool {
	return bcrypt.Match(pass, account.PasswordHash)
}
Exemplo n.º 7
0
func (self *defaultAuther) Match(password string, hash string) bool {

	return bcrypt.Match(password, hash)
}