Пример #1
// findByUsernameAndTokenVerify looks up username, rejects the request when the
// password reset was asked more than 30 minutes ago, and verifies tokenVerify
// against the stored auth.hashedTokenVerify value via utils.IsCheckValid.
// On success it loads the full record into user with FindByUsername and
// returns the stored Auth.EmailVerified flag.
//
// Security notes for callers:
//   - The lookup, expiry and mismatch failures carry different messages. If
//     they are relayed verbatim to an unauthenticated client they disclose
//     whether a username exists and whether a reset is pending; answer with a
//     single generic failure and keep the detail in server-side logs.
//   - Nothing in this function clears or rotates the token after a successful
//     check. NOTE(review): confirm the caller invalidates it so a token cannot
//     be replayed within its 30-minute window.
//   - No attempt limiting is visible here; presumably enforced upstream —
//     verify against the caller.
func (user *User) findByUsernameAndTokenVerify(username, tokenVerify string) (bool, error) {
	// Reset tokens are accepted for this many minutes after auth.dateAskReset.
	const tokenLifetimeMinutes = 30

	// Fetch only the fields used for verification.
	// NOTE(review): the projection asks for "auth.emailVerify" while the value
	// returned below is Auth.EmailVerified; confirm the bson tag matches,
	// otherwise this query may never populate the flag.
	// NOTE(review): "auth.saltTokenVerify" is projected but not read in this
	// function; presumably the stored hash embeds its own salt — confirm.
	fields := bson.M{"auth.emailVerify": 1, "auth.hashedTokenVerify": 1, "auth.saltTokenVerify": 1, "auth.dateAskReset": 1}

	var stored User
	lookup := Store().clUsers.Find(bson.M{"username": username}).Select(fields)
	if err := lookup.One(&stored); err != nil {
		// The driver error is dropped here, so "no such user" and a database
		// failure are indistinguishable to the caller.
		return false, fmt.Errorf("Error while fetching hashed Token Verify with username %s", username)
	}

	// Expiry is checked before the token itself. A DateAskReset that lies in
	// the future yields a negative age and passes this test.
	requestedAt := time.Unix(stored.Auth.DateAskReset, 0)
	if time.Since(requestedAt).Minutes() > tokenLifetimeMinutes {
		return false, fmt.Errorf("Token Validation expired. Please ask a reset of your password with username %s", username)
	}

	// NOTE(review): IsCheckValid is defined elsewhere; confirm it rejects an
	// empty stored hash and compares in constant time.
	tokenOK := utils.IsCheckValid(tokenVerify, stored.Auth.HashedTokenVerify)
	if !tokenOK {
		return false, fmt.Errorf("Error while checking user %s with given token", username)
	}

	// Verification passed: populate the receiver with the complete record.
	if err := user.FindByUsername(username); err != nil {
		return false, err
	}

	return stored.Auth.EmailVerified, nil
}
Пример #2
// FindByUsernameAndPassword looks up username, verifies password against the
// stored auth.hashedPassword value via utils.IsCheckValid and, on success,
// loads the full record into user with FindByUsername.
//
// Security notes for callers:
//   - The lookup failure and the password mismatch carry different messages.
//     If they are relayed verbatim to the client they disclose which usernames
//     exist; answer with a single generic login failure and keep the detail in
//     server-side logs.
//   - The lookup failure returns before utils.IsCheckValid runs, so the two
//     failures may also differ in response time if that check is deliberately
//     slow — confirm and equalise if so.
//   - No attempt limiting or lockout is visible here; presumably enforced
//     upstream — verify against the caller.
func (user *User) FindByUsernameAndPassword(username, password string) error {
	// Fetch only the credential fields.
	// NOTE(review): "auth.saltPassword" is projected but not read in this
	// function; presumably the stored hash embeds its own salt — confirm.
	fields := bson.M{"auth.hashedPassword": 1, "auth.saltPassword": 1}

	var stored User
	lookup := Store().clUsers.Find(bson.M{"username": username}).Select(fields)
	if err := lookup.One(&stored); err != nil {
		// The driver error is dropped here, so "no such user" and a database
		// failure are indistinguishable to the caller.
		return fmt.Errorf("Error while fetching hash with username %s", username)
	}

	// NOTE(review): IsCheckValid is defined elsewhere; confirm it rejects an
	// empty stored hash and compares in constant time.
	passwordOK := utils.IsCheckValid(password, stored.Auth.HashedPassword)
	if !passwordOK {
		return fmt.Errorf("Error while checking user %s with given password", username)
	}

	// Credentials verified: populate the receiver with the complete record.
	return user.FindByUsername(username)
}