Exemplo n.º 1
0
func LoginUser(d db.DB, email, pwhash string) (util.Key, error) {
	// Get the hash and password for the email.
	// util.CheckHashedPw(pw, salt, hash)
	// if ok, then log in.
	userBytes, err := db.GetByKey(d, Users, []byte(email))
	if err != nil {
		return "", err
	}

	if len(userBytes) == 0 {
		return "", fmt.Errorf("no user for email %q", email)
	}

	var u User
	err = json.Unmarshal(userBytes, &u)
	if err != nil {
		return "", err
	}

	ok := util.CheckHashedPw(pwhash, u.Salt, u.Hash)
	if !ok {
		return "", fmt.Errorf("invalid password")
	}

	key := util.SaltedHash(pwhash, time.Now().String())
	timeout := time.Now().Add(GetTimeout())
	err = db.StoreKeyValue(d, SessionKeys, b(email), Login{key, timeout})
	if err != nil {
		return "", err
	}

	return key, nil
}
Exemplo n.º 2
0
// Create makes a new Admin account with a given email and pwhash.
func Create(d db.DB, email, pwhash string) (util.Key, error) {
	var none util.Key
	adminJSON, err := db.GetByKey(d, emails, []byte(email))

	switch {
	case err != nil:
		return none, err
	case len(adminJSON) != 0:
		return none, errors.AlreadyExistsf("admin for email %s:", email)
	}

	hash, salt := util.HashedAndSalt(pwhash, time.Now().String())
	seed := time.Now().String()
	key := util.SaltedHash(string(hash), seed)

	adm := &Admin{
		Email: email,
		Salt:  salt,
		Hash:  hash,
		Key:   key,
	}

	if err := db.StoreKeyValue(d, admins, []byte(key), adm); err != nil {
		return none, err
	}

	return key, db.StoreKeyValue(d, emails, []byte(email), adm)
}
Exemplo n.º 3
0
func Valid(d db.DB, email string, key util.Key) error {
	userBytes, err := db.GetByKey(d, SessionKeys, []byte(email))
	if err != nil {
		return err
	}

	if len(userBytes) == 0 {
		return errors.UserNotFoundf("user %q not logged in", email)
	}

	var login Login
	err = json.Unmarshal(userBytes, &login)
	if err != nil {
		return err
	}

	if login.Key == key {
		t := time.Now()
		if t.Before(login.Timeout) {
			err = db.StoreKeyValue(d, SessionKeys, b(email), Login{key, t.Add(GetTimeout())})
			return nil
		}
		return errors.NotValidf("user %q timed out", email)
	}

	return fmt.Errorf("bad key %q for user %q", key, email)
}
Exemplo n.º 4
0
func (s *UserSuite) testLogins(u t.TestUser, c *gc.C) error {
	s.createUsers(c)
	defer s.deleteUsers(c)

	key, err := user.LoginUser(s.d, u.Email, u.Pwhash)
	if err != nil {
		return err
	}

	userBytes, err := db.GetByKey(s.d, user.LoginKeys, []byte(u.Email))
	if err != nil {
		return err
	}

	c.Assert(len(userBytes), gc.Not(gc.Equals), 0)

	var login user.Login
	err = json.Unmarshal(userBytes, &login)
	if err != nil {
		return err
	}

	c.Assert(login.Key, gc.Equals, key)
	return nil
}
Exemplo n.º 5
0
// GetByEmail retrieves an *Admin from the database for a given email.
func GetByEmail(d db.DB, email string) (*Admin, error) {
	adminJSON, err := db.GetByKey(d, emails, []byte(email))

	switch {
	case err != nil:
		return nil, err
	case len(adminJSON) == 0:
		return nil, errors.UserNotFoundf("admin for email %s:", email)
	}

	admin := new(Admin)
	err = json.Unmarshal(adminJSON, admin)
	return admin, err
}
Exemplo n.º 6
0
// Get retrieves an *Admin from the database for a given key.
func Get(d db.DB, key util.Key) (*Admin, error) {
	adminJSON, err := db.GetByKey(d, admins, []byte(key))

	switch {
	case err != nil:
		return nil, err
	case len(adminJSON) == 0:
		return nil, errors.UserNotFoundf("admin for key %s:", key)
	}

	admin := new(Admin)
	err = json.Unmarshal(adminJSON, admin)
	return admin, err
}
Exemplo n.º 7
0
func Get(d db.DB, email string) (*User, error) {
	userBytes, err := db.GetByKey(d, Users, []byte(email))
	if err != nil {
		return nil, err
	}
	if len(userBytes) == 0 {
		return nil, errors.UserNotFoundf("%q", email)
	}

	u := &User{}
	err = json.Unmarshal(userBytes, &u)
	if err != nil {
		return nil, err
	}

	return u, nil
}
Exemplo n.º 8
0
func ClearLogin(d db.DB, email string) error {
	loginBytes, err := db.GetByKey(d, LoginKeys, []byte(email))
	if err != nil {
		return err
	}

	if len(loginBytes) == 0 {
		return errors.UserNotFoundf("user %q not logged in: ", email)
	}

	login := &Login{}
	if err = json.Unmarshal(loginBytes, &login); err != nil {
		return err
	}

	return db.DeleteByKey(d, LoginKeys, []byte(email))
}
Exemplo n.º 9
0
func GetLogin(d db.DB, email string) (*Login, error) {
	loginBytes, err := db.GetByKey(d, LoginKeys, []byte(email))
	if err != nil {
		return nil, err
	}

	if len(loginBytes) == 0 {
		return nil, errors.UserNotFoundf("user %q not logged in: ", email)
	}

	login := &Login{}
	err = json.Unmarshal(loginBytes, &login)
	if err != nil {
		return nil, err
	}
	return login, nil
}
Exemplo n.º 10
0
func CreateUser(d db.DB, email, pwhash string) error {
	userBytes, err := db.GetByKey(d, Users, []byte(email))
	if err != nil {
		return err
	}

	if len(userBytes) != 0 {
		return errors.AlreadyExistsf("user for email %q", email)
	}

	seed := time.Now().String()
	hash, salt := util.HashedAndSalt(pwhash, seed)
	return db.StoreKeyValue(d, Users, b(email), User{
		Email: email,
		Salt:  salt,
		Hash:  hash,
	})
}
Exemplo n.º 11
0
func Delete(d db.DB, email string) error {
	userBytes, err := db.GetByKey(d, Users, []byte(email))
	if err != nil {
		return err
	}

	if len(userBytes) == 0 {
		return errors.Errorf("user for email %q not found", email)
	}

	err = db.DeleteByKey(d, Users, []byte(email))
	if err != nil {
		return errors.Annotatef(err, "failed to delete user %q", email)
	}

	if _, err := GetLogin(d, email); err == nil {
		return ClearLogin(d, email)
	}
	return nil
}
Exemplo n.º 12
0
// Delete deletes the admin which has the given key.
func Delete(d db.DB, key util.Key) error {
	adminJSON, err := db.GetByKey(d, admins, []byte(key))

	switch {
	case err != nil:
		return err
	case len(adminJSON) == 0:
		return errors.UserNotFoundf("admin for key %s:", key)
	}

	adm := new(Admin)
	if err := json.Unmarshal(adminJSON, adm); err != nil {
		return err
	}

	if err := db.DeleteByKey(d, admins, []byte(key)); err != nil {
		return err
	}

	return db.DeleteByKey(d, emails, []byte(adm.Email))
}
Exemplo n.º 13
0
func DeleteUser(d db.DB, email string) error {
	userBytes, err := db.GetByKey(d, Users, []byte(email))
	if err != nil {
		return err
	}

	if len(userBytes) == 0 {
		return errors.Errorf("user for email %q not found", email)
	}

	err = db.DeleteByKey(d, Users, b(email))
	if err != nil {
		return errors.Annotatef(err, "failed to delete user %q", email)
	}

	err = db.DeleteByKey(d, SessionKeys, b(email))
	if err != nil {
		return errors.Annotatef(err, "failed to log out deleted user %q", email)
	}
	return nil
}
Exemplo n.º 14
0
func (s *AuthSuite) createTests(user t.TestUser, c *gc.C) error {
	err := auth.CreateUser(s.d, user.Email, user.Pwhash)
	if err != nil {
		return err
	}

	userBytes, err := db.GetByKey(s.d, auth.Users, []byte(user.Email))
	if err != nil {
		return err
	}
	c.Assert(len(userBytes), gc.Not(gc.Equals), 0)

	var tmpUser auth.User
	err = json.Unmarshal(userBytes, &tmpUser)
	if err != nil {
		return err
	}

	c.Check(tmpUser.Email, gc.Equals, user.Email)
	return nil
}
Exemplo n.º 15
0
func (s *AdminSuite) createTests(adm t.TestAdmin, c *gc.C) error {
	key, err := admin.Create(s.d, adm.Email, adm.Pwhash)
	if err != nil {
		return err
	}

	err = admin.IsAdmin(s.d, util.Key(key))
	c.Assert(err, jc.ErrorIsNil)

	adminBytes, err := db.GetByKey(s.d, admin.Admins, []byte(key))
	if err != nil {
		return err
	}
	c.Assert(len(adminBytes), gc.Not(gc.Equals), 0)

	var tmpAdmin admin.Admin
	if err = json.Unmarshal(adminBytes, &tmpAdmin); err != nil {
		return err
	}

	c.Check(tmpAdmin.Email, gc.Equals, adm.Email)
	return nil
}