func LoginUser(d db.DB, email, pwhash string) (util.Key, error) { // Get the hash and password for the email. // util.CheckHashedPw(pw, salt, hash) // if ok, then log in. userBytes, err := db.GetByKey(d, Users, []byte(email)) if err != nil { return "", err } if len(userBytes) == 0 { return "", fmt.Errorf("no user for email %q", email) } var u User err = json.Unmarshal(userBytes, &u) if err != nil { return "", err } ok := util.CheckHashedPw(pwhash, u.Salt, u.Hash) if !ok { return "", fmt.Errorf("invalid password") } key := util.SaltedHash(pwhash, time.Now().String()) timeout := time.Now().Add(GetTimeout()) err = db.StoreKeyValue(d, SessionKeys, b(email), Login{key, timeout}) if err != nil { return "", err } return key, nil }
// Create makes a new Admin account with a given email and pwhash. func Create(d db.DB, email, pwhash string) (util.Key, error) { var none util.Key adminJSON, err := db.GetByKey(d, emails, []byte(email)) switch { case err != nil: return none, err case len(adminJSON) != 0: return none, errors.AlreadyExistsf("admin for email %s:", email) } hash, salt := util.HashedAndSalt(pwhash, time.Now().String()) seed := time.Now().String() key := util.SaltedHash(string(hash), seed) adm := &Admin{ Email: email, Salt: salt, Hash: hash, Key: key, } if err := db.StoreKeyValue(d, admins, []byte(key), adm); err != nil { return none, err } return key, db.StoreKeyValue(d, emails, []byte(email), adm) }
func Valid(d db.DB, email string, key util.Key) error { userBytes, err := db.GetByKey(d, SessionKeys, []byte(email)) if err != nil { return err } if len(userBytes) == 0 { return errors.UserNotFoundf("user %q not logged in", email) } var login Login err = json.Unmarshal(userBytes, &login) if err != nil { return err } if login.Key == key { t := time.Now() if t.Before(login.Timeout) { err = db.StoreKeyValue(d, SessionKeys, b(email), Login{key, t.Add(GetTimeout())}) return nil } return errors.NotValidf("user %q timed out", email) } return fmt.Errorf("bad key %q for user %q", key, email) }
func (s *UserSuite) testLogins(u t.TestUser, c *gc.C) error { s.createUsers(c) defer s.deleteUsers(c) key, err := user.LoginUser(s.d, u.Email, u.Pwhash) if err != nil { return err } userBytes, err := db.GetByKey(s.d, user.LoginKeys, []byte(u.Email)) if err != nil { return err } c.Assert(len(userBytes), gc.Not(gc.Equals), 0) var login user.Login err = json.Unmarshal(userBytes, &login) if err != nil { return err } c.Assert(login.Key, gc.Equals, key) return nil }
// GetByEmail retrieves an *Admin from the database for a given email. func GetByEmail(d db.DB, email string) (*Admin, error) { adminJSON, err := db.GetByKey(d, emails, []byte(email)) switch { case err != nil: return nil, err case len(adminJSON) == 0: return nil, errors.UserNotFoundf("admin for email %s:", email) } admin := new(Admin) err = json.Unmarshal(adminJSON, admin) return admin, err }
// Get retrieves an *Admin from the database for a given key. func Get(d db.DB, key util.Key) (*Admin, error) { adminJSON, err := db.GetByKey(d, admins, []byte(key)) switch { case err != nil: return nil, err case len(adminJSON) == 0: return nil, errors.UserNotFoundf("admin for key %s:", key) } admin := new(Admin) err = json.Unmarshal(adminJSON, admin) return admin, err }
func Get(d db.DB, email string) (*User, error) { userBytes, err := db.GetByKey(d, Users, []byte(email)) if err != nil { return nil, err } if len(userBytes) == 0 { return nil, errors.UserNotFoundf("%q", email) } u := &User{} err = json.Unmarshal(userBytes, &u) if err != nil { return nil, err } return u, nil }
func ClearLogin(d db.DB, email string) error { loginBytes, err := db.GetByKey(d, LoginKeys, []byte(email)) if err != nil { return err } if len(loginBytes) == 0 { return errors.UserNotFoundf("user %q not logged in: ", email) } login := &Login{} if err = json.Unmarshal(loginBytes, &login); err != nil { return err } return db.DeleteByKey(d, LoginKeys, []byte(email)) }
func GetLogin(d db.DB, email string) (*Login, error) { loginBytes, err := db.GetByKey(d, LoginKeys, []byte(email)) if err != nil { return nil, err } if len(loginBytes) == 0 { return nil, errors.UserNotFoundf("user %q not logged in: ", email) } login := &Login{} err = json.Unmarshal(loginBytes, &login) if err != nil { return nil, err } return login, nil }
func CreateUser(d db.DB, email, pwhash string) error { userBytes, err := db.GetByKey(d, Users, []byte(email)) if err != nil { return err } if len(userBytes) != 0 { return errors.AlreadyExistsf("user for email %q", email) } seed := time.Now().String() hash, salt := util.HashedAndSalt(pwhash, seed) return db.StoreKeyValue(d, Users, b(email), User{ Email: email, Salt: salt, Hash: hash, }) }
func Delete(d db.DB, email string) error { userBytes, err := db.GetByKey(d, Users, []byte(email)) if err != nil { return err } if len(userBytes) == 0 { return errors.Errorf("user for email %q not found", email) } err = db.DeleteByKey(d, Users, []byte(email)) if err != nil { return errors.Annotatef(err, "failed to delete user %q", email) } if _, err := GetLogin(d, email); err == nil { return ClearLogin(d, email) } return nil }
// Delete deletes the admin which has the given key. func Delete(d db.DB, key util.Key) error { adminJSON, err := db.GetByKey(d, admins, []byte(key)) switch { case err != nil: return err case len(adminJSON) == 0: return errors.UserNotFoundf("admin for key %s:", key) } adm := new(Admin) if err := json.Unmarshal(adminJSON, adm); err != nil { return err } if err := db.DeleteByKey(d, admins, []byte(key)); err != nil { return err } return db.DeleteByKey(d, emails, []byte(adm.Email)) }
func DeleteUser(d db.DB, email string) error { userBytes, err := db.GetByKey(d, Users, []byte(email)) if err != nil { return err } if len(userBytes) == 0 { return errors.Errorf("user for email %q not found", email) } err = db.DeleteByKey(d, Users, b(email)) if err != nil { return errors.Annotatef(err, "failed to delete user %q", email) } err = db.DeleteByKey(d, SessionKeys, b(email)) if err != nil { return errors.Annotatef(err, "failed to log out deleted user %q", email) } return nil }
func (s *AuthSuite) createTests(user t.TestUser, c *gc.C) error { err := auth.CreateUser(s.d, user.Email, user.Pwhash) if err != nil { return err } userBytes, err := db.GetByKey(s.d, auth.Users, []byte(user.Email)) if err != nil { return err } c.Assert(len(userBytes), gc.Not(gc.Equals), 0) var tmpUser auth.User err = json.Unmarshal(userBytes, &tmpUser) if err != nil { return err } c.Check(tmpUser.Email, gc.Equals, user.Email) return nil }
func (s *AdminSuite) createTests(adm t.TestAdmin, c *gc.C) error { key, err := admin.Create(s.d, adm.Email, adm.Pwhash) if err != nil { return err } err = admin.IsAdmin(s.d, util.Key(key)) c.Assert(err, jc.ErrorIsNil) adminBytes, err := db.GetByKey(s.d, admin.Admins, []byte(key)) if err != nil { return err } c.Assert(len(adminBytes), gc.Not(gc.Equals), 0) var tmpAdmin admin.Admin if err = json.Unmarshal(adminBytes, &tmpAdmin); err != nil { return err } c.Check(tmpAdmin.Email, gc.Equals, adm.Email) return nil }