func authClient(clientId, clientSecret string) error {
acc, err := db.Search(clientId, "", 1, 0)
if err != nil {
return errors.InternalServerError("go.micro.srv.auth", "server_error")
}
if len(acc) == 0 {
return errors.BadRequest("go.micro.srv.auth", "invalid_request")
}
// check the secret
salt, secret, err := db.SaltAndSecret(acc[0].Id)
if err != nil {
return errors.InternalServerError("go.micro.srv.auth", "server_error")
}
s, err := base64.StdEncoding.DecodeString(secret)
if err != nil {
return errors.InternalServerError("go.micro.srv.auth", "server_error")
}
// does it match?
if err := bcrypt.CompareHashAndPassword(s, []byte(x+salt+clientSecret)); err != nil {
return errors.BadRequest("go.micro.srv.auth", "access_denied")
}
return nil
}
func (s *Account) Search(ctx context.Context, req *account.SearchRequest, rsp *account.SearchResponse) error {
if req.Limit <= 0 {
req.Limit = 10
}
if req.Offset < 0 {
req.Offset = 0
}
accounts, err := db.Search(req.ClientId, req.Type, req.Limit, req.Offset)
if err != nil {
return err
}
rsp.Accounts = accounts
return nil
}