func UpdateUser(user *User, email, curPwd, newPwd string) (User, error) {
ret := *user
if email == "" {
return ret, errNoEmail
}
ret.Email = email
//check if email exists
extUser, err := globalUserStore.FindByEmail(email)
if err != nil {
return ret, err
}
if extUser != nil && extUser.ID != user.ID {
return ret, errEmailExists
}
//update email address
user.Email = email
if curPwd == "" {
return ret, errNoPassword
}
if bcrypt.CompareHashAndPassword(
[]byte(user.HashedPassword),
[]byte(curPwd),
) != nil {
return ret, errPasswordMisMatch
}
if newPwd == "" {
return ret, errNoPassword
}
if len(newPwd) < passwordLength {
return ret, errPasswordTooShort
}
hashedPwd, err := bcrypt.GenerateFromPassword([]byte(newPwd), hashCost)
user.HashedPassword = string(hashedPwd)
return ret, err
}
func FindUser(username, password string) (*User, error) {
ret := &User{
Username: username,
}
extuser, err := globalUserStore.FindByUsername(username)
if err != nil {
return ret, nil
}
if extuser == nil {
return ret, errInfoIncorect
}
if bcrypt.CompareHashAndPassword(
[]byte(extuser.HashedPassword),
[]byte(password),
) != nil {
return ret, errInfoIncorect
}
return extuser, nil
}