add password encrypt with bcrytp
1
go.mod
1
go.mod
@@ -5,4 +5,5 @@ go 1.16
|
|||||||
require (
|
require (
|
||||||
github.com/gorilla/sessions v1.2.1
|
github.com/gorilla/sessions v1.2.1
|
||||||
github.com/mattn/go-sqlite3 v1.14.7
|
github.com/mattn/go-sqlite3 v1.14.7
|
||||||
|
golang.org/x/crypto v0.0.0-20220622213112-05595931fe9d
|
||||||
)
|
)
|
||||||
|
|||||||
9
go.sum
9
go.sum
@@ -4,3 +4,12 @@ github.com/gorilla/sessions v1.2.1 h1:DHd3rPN5lE3Ts3D8rKkQ8x/0kqfeNmBAaiSi+o7Fsg
|
|||||||
github.com/gorilla/sessions v1.2.1/go.mod h1:dk2InVEVJ0sfLlnXv9EAgkf6ecYs/i80K/zI+bUmuGM=
|
github.com/gorilla/sessions v1.2.1/go.mod h1:dk2InVEVJ0sfLlnXv9EAgkf6ecYs/i80K/zI+bUmuGM=
|
||||||
github.com/mattn/go-sqlite3 v1.14.7 h1:fxWBnXkxfM6sRiuH3bqJ4CfzZojMOLVc0UTsTglEghA=
|
github.com/mattn/go-sqlite3 v1.14.7 h1:fxWBnXkxfM6sRiuH3bqJ4CfzZojMOLVc0UTsTglEghA=
|
||||||
github.com/mattn/go-sqlite3 v1.14.7/go.mod h1:NyWgC/yNuGj7Q9rpYnZvas74GogHl5/Z4A/KQRfk6bU=
|
github.com/mattn/go-sqlite3 v1.14.7/go.mod h1:NyWgC/yNuGj7Q9rpYnZvas74GogHl5/Z4A/KQRfk6bU=
|
||||||
|
golang.org/x/crypto v0.0.0-20220622213112-05595931fe9d h1:sK3txAijHtOK88l68nt020reeT1ZdKLIYetKl95FzVY=
|
||||||
|
golang.org/x/crypto v0.0.0-20220622213112-05595931fe9d/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
|
||||||
|
golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
|
||||||
|
golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||||
|
golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||||
|
golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
||||||
|
golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
|
||||||
|
golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
|
||||||
|
golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
|
||||||
|
|||||||
@@ -1,5 +1,10 @@
|
|||||||
package database
|
package database
|
||||||
|
|
||||||
|
import (
|
||||||
|
"golang.org/x/crypto/bcrypt"
|
||||||
|
"log"
|
||||||
|
)
|
||||||
|
|
||||||
func (database *Database) Login(username string, password string) (*User, error) {
|
func (database *Database) Login(username string, password string) (*User, error) {
|
||||||
database.singleThreadLock.Lock()
|
database.singleThreadLock.Lock()
|
||||||
defer database.singleThreadLock.Unlock()
|
defer database.singleThreadLock.Unlock()
|
||||||
@@ -7,10 +12,17 @@ func (database *Database) Login(username string, password string) (*User, error)
|
|||||||
user := &User{}
|
user := &User{}
|
||||||
|
|
||||||
// get user from database
|
// get user from database
|
||||||
err := database.stmt.getUser.QueryRow(username, password).Scan(&user.ID, &user.Username, &user.Role, &user.Active, &user.AvatarId)
|
err := database.stmt.getUser.QueryRow(username).Scan(&user.ID, &user.Username, &user.Password, &user.Role, &user.Active, &user.AvatarId)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return user, err
|
return user, err
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// validate password
|
||||||
|
err = database.ComparePassword(user.Password, password)
|
||||||
|
if err != nil {
|
||||||
|
return user, err
|
||||||
|
}
|
||||||
|
|
||||||
return user, nil
|
return user, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -44,6 +56,9 @@ func (database *Database) Register(username string, password string, usertype in
|
|||||||
active = true
|
active = true
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// encrypt password
|
||||||
|
password = database.EncryptPassword(password)
|
||||||
|
|
||||||
database.singleThreadLock.Lock()
|
database.singleThreadLock.Lock()
|
||||||
defer database.singleThreadLock.Unlock()
|
defer database.singleThreadLock.Unlock()
|
||||||
|
|
||||||
@@ -130,9 +145,27 @@ func (database *Database) UpdateUserPassword(id int64, password string) error {
|
|||||||
database.singleThreadLock.Lock()
|
database.singleThreadLock.Lock()
|
||||||
defer database.singleThreadLock.Unlock()
|
defer database.singleThreadLock.Unlock()
|
||||||
|
|
||||||
|
// encrypt password
|
||||||
|
password = database.EncryptPassword(password)
|
||||||
|
|
||||||
_, err := database.stmt.updateUserPassword.Exec(password, id)
|
_, err := database.stmt.updateUserPassword.Exec(password, id)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func (database *Database) EncryptPassword(password string) string {
|
||||||
|
hash, err := bcrypt.GenerateFromPassword([]byte(password), bcrypt.DefaultCost)
|
||||||
|
if err != nil {
|
||||||
|
log.Println("[database] Failed to hash password, using plaintext password")
|
||||||
|
return password
|
||||||
|
}
|
||||||
|
|
||||||
|
return string(hash)
|
||||||
|
}
|
||||||
|
|
||||||
|
func (database *Database) ComparePassword(hashedPassword string, plainTextPassword string) error {
|
||||||
|
err := bcrypt.CompareHashAndPassword([]byte(hashedPassword), []byte(plainTextPassword))
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
|||||||
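Review bot: `EncryptPassword` returns the plaintext password when `bcrypt.GenerateFromPassword` fails, so `Register` and `UpdateUserPassword` would write the cleartext to the users table with only a log line as evidence; such a row would presumably also never pass `ComparePassword`, leaving the account locked out. The helper should return `(string, error)` and both callers should abort the write on error, as sketched below for `UpdateUserPassword`; `Register` needs the same handling, but its signature and return path lie outside the hunk. Hashing before taking `singleThreadLock` (as `Register` already does) also keeps the slow bcrypt call from serialising other database work. Separately, `Login` still returns the populated `user`, now including the bcrypt hash in `user.Password`, when the comparison fails; returning `nil, err` there would be safer if any caller reads the struct before checking `err`.

```go
func (database *Database) EncryptPassword(password string) (string, error) {
	hash, err := bcrypt.GenerateFromPassword([]byte(password), bcrypt.DefaultCost)
	if err != nil {
		// never fall back to storing the plaintext
		log.Println("[database] Failed to hash password:", err)
		return "", err
	}
	return string(hash), nil
}

// in UpdateUserPassword, before database.singleThreadLock.Lock():
	hashed, err := database.EncryptPassword(password)
	if err != nil {
		return err
	}
	// … unchanged: lock / deferred unlock …
	_, err = database.stmt.updateUserPassword.Exec(hashed, id)
	// … unchanged: error check and return nil …
```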
@@ -193,7 +193,7 @@ var countUserQuery = `SELECT count(*) FROM users;`
|
|||||||
|
|
||||||
var countAdminQuery = `SELECT count(*) FROM users WHERE role= 1;`
|
var countAdminQuery = `SELECT count(*) FROM users WHERE role= 1;`
|
||||||
|
|
||||||
var getUserQuery = `SELECT id, username, role, active, avatar_id FROM users WHERE username = ? AND password = ? LIMIT 1;`
|
var getUserQuery = `SELECT id, username, password, role, active, avatar_id FROM users WHERE username = ? LIMIT 1;`
|
||||||
|
|
||||||
var getUsersQuery = `SELECT id, username, role, active, avatar_id FROM users;`
|
var getUsersQuery = `SELECT id, username, role, active, avatar_id FROM users;`
|
||||||
|
|
||||||
|
|||||||
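Review bot: Rows written before this commit hold the password in whatever form the old `WHERE username = ? AND password = ?` query compared it, which looks like cleartext unless callers hashed it before calling `Login`, and nothing visible here converts them. With the new `getUserQuery` those stored values are handed to `bcrypt.CompareHashAndPassword`, which would reject anything that is not a bcrypt hash, so existing accounts would presumably be unable to log in while their old values stay in the table. A one-time migration or a forced password reset is worth adding alongside this change. A comment above `getUserQuery` would also help, for example `// password column holds a bcrypt hash; it is verified in Login, not in SQL`.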