// Before creating a user, add in the uuid
func (u *User) BeforeCreate() (err error) {
u5, err := uuid.NewV5(uuid.NamespaceURL, []byte(u.Email))
if err != nil {
fmt.Println("UUID error:", err)
return
}
u4, err := uuid.NewV4()
if err != nil {
fmt.Println("Salt error:", err)
return
}
token, err := uuid.NewV4()
if err != nil {
fmt.Println("Token error:", err)
return
}
hashed := utils.Hash([]byte(u.Password), []byte(u4.String()))
u.Password = hashed
u.Salt = u4.String()
u.Uuid = u5.String()
u.ActivationToken = token.String()
return
}
// GET /users/user/:uuid/reset
func GetUsersReset(r render.Render, params martini.Params) {
user := db.User{}
if db.DB.Where("uuid = ?", params["uuid"]).First(&user).RecordNotFound() {
r.Error(404)
} else {
password := utils.RandPassword(8)
user.Password = utils.Hash([]byte(password), []byte(user.Salt))
db.DB.Save(&user)
go utils.SendResetPassword(user.Email, password)
r.Redirect("/users")
}
}
// Authenticate a user given the user name and the plaintext password
func Auth(email string, password string) (session_id string, err error) {
// get user from database
var user = User{}
err = DB.Where("email = ?", email).First(&user).Error
if err != nil {
return
}
// hash the password
hashed := utils.Hash([]byte(password), []byte(user.Salt))
if user.Password == hashed {
sess := Session{User_id: user.Uuid}
err = DB.Save(&sess).Error
if err != nil {
return
}
session_id = sess.Uuid
} else {
err = errors.New("Wrong password")
}
return
}
