mirror of
https://github.com/donl/gPanel.git
synced 2026-06-30 06:12:06 -06:00
updated user api to use hashed passwords
This commit is contained in:
parent
d758dbb28c
commit
4237032778
3 changed files with 15 additions and 16 deletions
|
|
@ -6,6 +6,7 @@ import (
|
|||
"net/http"
|
||||
|
||||
"github.com/Ennovar/gPanel/pkg/database"
|
||||
"github.com/Ennovar/gPanel/pkg/encryption"
|
||||
)
|
||||
|
||||
// userRequestData struct is the structure of the JSON data to be
|
||||
|
|
@ -49,14 +50,14 @@ func UserAuthentication(res http.ResponseWriter, req *http.Request) bool {
|
|||
return false
|
||||
}
|
||||
|
||||
if userRequestData.Pass != userDatabaseData.Pass {
|
||||
http.Error(res, "Invalid password", http.StatusUnauthorized)
|
||||
err = encryption.CheckPassword([]byte(userDatabaseData.Pass), []byte(userRequestData.Pass))
|
||||
if err != nil {
|
||||
http.Error(res, err.Error(), http.StatusUnauthorized)
|
||||
return false
|
||||
}
|
||||
|
||||
res.WriteHeader(http.StatusNoContent)
|
||||
return true
|
||||
|
||||
}
|
||||
|
||||
// UserAuthentication function is accessed by an API call from the webhost root
|
||||
|
|
@ -83,7 +84,12 @@ func UserRegistration(res http.ResponseWriter, req *http.Request) bool {
|
|||
}
|
||||
defer ds.Close()
|
||||
|
||||
userDatabaseData.Pass = userRequestData.Pass
|
||||
userDatabaseData.Pass, err = encryption.HashPassword(userRequestData.Pass)
|
||||
if err != nil {
|
||||
http.Error(res, err.Error(), http.StatusBadRequest)
|
||||
return false
|
||||
}
|
||||
|
||||
err = ds.Put(database.BUCKET_USERS, []byte(userRequestData.User), userDatabaseData)
|
||||
if err != nil {
|
||||
http.Error(res, err.Error(), http.StatusBadRequest)
|
||||
|
|
@ -92,5 +98,4 @@ func UserRegistration(res http.ResponseWriter, req *http.Request) bool {
|
|||
|
||||
res.WriteHeader(http.StatusNoContent)
|
||||
return true
|
||||
|
||||
}
|
||||
|
|
|
|||
|
|
@ -8,12 +8,6 @@ func HashPassword(password string) (string, error) {
|
|||
return string(hash), err
|
||||
}
|
||||
|
||||
func CheckPassword(hash, plainText []byte) (bool, error) {
|
||||
err := bcrypt.CompareHashAndPassword(hash, plainText)
|
||||
|
||||
if err != nil {
|
||||
return false, err
|
||||
}
|
||||
|
||||
return true, nil
|
||||
func CheckPassword(hash, plainText []byte) error {
|
||||
return bcrypt.CompareHashAndPassword(hash, plainText)
|
||||
}
|
||||
|
|
|
|||
|
|
@ -27,11 +27,11 @@ func TestPasswordHashing(t *testing.T) {
|
|||
t.Errorf("Error in password_test using HashPassword func: %s", err.Error())
|
||||
}
|
||||
|
||||
ok, err := CheckPassword([]byte(password.hash), []byte(password.plainText))
|
||||
err = CheckPassword([]byte(password.hash), []byte(password.plainText))
|
||||
|
||||
if err != nil {
|
||||
if ok != password.ok {
|
||||
t.Errorf("In password_test expected %t, but got %t from CheckPassword func", password.ok, ok)
|
||||
if password.ok {
|
||||
t.Errorf("Error in password_test using CheckPassword func: %s", err.Error())
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue