-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathuser.go
More file actions
163 lines (146 loc) · 4.01 KB
/
user.go
File metadata and controls
163 lines (146 loc) · 4.01 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
//contains all functions and structs to store and retreive user data
package main
import (
"fmt"
"golang.org/x/crypto/bcrypt"
)
//User is the struct to hold user data fetched from the db
type User struct {
Name string
Username string
UserID string `db:"id"`
Password string
ActiveEntry string
Admin bool
Enabled bool
}
//GetUser fetches a user from the db and returns it
func GetUser(userID string) (User, error) {
Info.Printf("GetUser(%s)\n", userID)
var u User
err := db.Get(&u,
`select
*
from
"user"
where
id=$1`,
userID)
if err != nil {
return User{}, err
}
entry, err := ActiveEntry(u.UserID)
if err != nil {
return User{}, err
}
u.ActiveEntry = entry
return u, nil
}
//VerifyLogin checks username and password against the stored values in the db.
//returns userID for match and "" + possible error for mismatch or problem along the way
func VerifyLogin(username, password string) (string, string) {
Info.Printf("VerifyLogin(%s,***)\n", username)
var u User
err := db.Get(&u,
`select
enabled, password, id
from
"user"
where
username=$1`,
username)
if err != nil {
fmt.Println(err)
return "", "Username or Password doesn't match"
}
if !u.Enabled {
return "", "User Account is disabled"
}
pwd := fmt.Sprintf("%s%s%s", salt, password, salt)
err = bcrypt.CompareHashAndPassword([]byte(u.Password), []byte(pwd))
if err != nil {
return "", "Username or Password doesn't match"
}
return u.UserID, ""
}
//GetUserList fetches a list of all users in the db.
func GetUserList() ([]User, error) {
Info.Println("GetUserList()")
var users []User
err := db.Select(&users, "select * from \"user\"")
if err != nil {
return []User{}, err
}
return users, nil
}
//StoreUser takes passed user data and updates the corresponding db entry
func StoreUser(id, username, name, password, repeat, t string) error {
Info.Printf("StoreUser(%s,%s,%s,***,***,%s)\n", id, username, name, t)
//fmt.Println(id, username, name, password, repeat, t)
if t == "edit" {
return updateUser(id, username, name, password, repeat)
} else if t == "create" {
return createUser(username, name, password, repeat)
}
return nil
}
func createUser(username, name, password, repeat string) error {
Info.Printf("createUser(%s,%s,***,***)\n", username, name)
if username != "" &&
name != "" &&
password != "" &&
repeat != "" &&
password == repeat {
saltedPassword := fmt.Sprintf("%s%s%s", salt, password, salt)
passwordCrypt, err := bcrypt.GenerateFromPassword([]byte(saltedPassword), 12)
if err != nil {
return err
}
//fmt.Printf("insert into \"user\" (username,name,password) values (%s,%s,%s)\n", username, name, passwordCrypt)
_, err = db.Exec(
`insert into "user"
(username,name,password)
values
($1,$2,$3)`,
username, name, string(passwordCrypt))
if err != nil {
return err
}
}
return nil
}
func updateUser(id, username, name, password, repeat string) error {
Info.Printf("updateUser(%s,%s,%s,***,***)\n", id, username, name)
if id != "" &&
username != "" &&
name != "" {
//fmt.Printf("update \"user\" set username=%s, name=%s where id=%s\n", username, name, id)
_, err := db.Exec("update \"user\" set username=$1, name=$2 where id=$3",
username, name, id)
if err != nil {
return err
}
}
if id != "" &&
password != "" &&
repeat != "" &&
password == repeat {
saltedPassword := fmt.Sprintf("%s%s%s", salt, password, salt)
passwordCrypt, err := bcrypt.GenerateFromPassword([]byte(saltedPassword), 12)
if err != nil {
return err
}
//fmt.Printf("update \"user\" set password=%s where id=%s\n", passwordCrypt, id)
_, err = db.Exec("update \"user\" set password=$1 where id=$2", passwordCrypt, id)
if err != nil {
return err
}
}
return nil
}
//UpdateEnabled updates a users enabled flag according to the input
func UpdateEnabled(userID string, enabled bool) error {
Info.Printf("UpdateEnabled(%s,%t)\n", userID, enabled)
_, err := db.Exec("update \"user\" set enabled=$1 where id=$2", enabled, userID)
return err
}