feat: passwords hashing
@@ -11,6 +11,8 @@ import (
|
||||
"strconv"
|
||||
"time"
|
||||
|
||||
"golang.org/x/crypto/bcrypt"
|
||||
|
||||
"sunshine.industries/some-automoderation/rooms"
|
||||
"sunshine.industries/some-automoderation/sessions"
|
||||
)
|
||||
@@ -125,14 +127,20 @@ func createRoomHandler(templateFs *embed.FS,
|
||||
log.Printf("error, room name occupied %s", roomName)
|
||||
return
|
||||
}
|
||||
personPassHash, err := hashPassword(r.PostFormValue("personalPassword"))
|
||||
if err != nil {
|
||||
log.Printf("error, room name occupied %s", roomName)
|
||||
return
|
||||
}
|
||||
person := rooms.Person{
|
||||
Id: rooms.RandomPersonId(),
|
||||
Name: r.PostFormValue("personalName"),
|
||||
PasswordHash: r.PostFormValue("personalPassword"), // TODO hash the password, not to store
|
||||
PasswordHash: personPassHash,
|
||||
}
|
||||
roomPassHash, err := hashPassword(r.PostFormValue("roomPassword"))
|
||||
newRoom := rooms.Room{
|
||||
Name: roomName,
|
||||
PasswordHash: r.PostFormValue("roomPassword"), // TODO hash the password, not to store
|
||||
PasswordHash: roomPassHash,
|
||||
AdminIds: []rooms.PersonId{person.Id},
|
||||
Paricipants: []rooms.PersonId{person.Id},
|
||||
AllKnownPeople: map[rooms.PersonId]rooms.Person{
|
||||
@@ -207,7 +215,7 @@ func joinRoomHandler(templateFs *embed.FS,
|
||||
}
|
||||
|
||||
// b) check if room password OK
|
||||
if room.PasswordHash != roomPass {
|
||||
if !isPasswordCorrect(roomPass, room.PasswordHash) {
|
||||
log.Printf("/login/join bad room pass for %+v", room)
|
||||
w.WriteHeader(http.StatusForbidden)
|
||||
// TODO render error to be put in error place
|
||||
@@ -223,7 +231,7 @@ func joinRoomHandler(templateFs *embed.FS,
|
||||
// c) check if such person exists,
|
||||
// knownPerson, found :=
|
||||
// check the password
|
||||
if (person != rooms.Person{}) && person.PasswordHash != personPass {
|
||||
if (person != rooms.Person{}) && !isPasswordCorrect(personPass, person.PasswordHash) {
|
||||
log.Printf("/login/join bad person pass for %+s", person.Name)
|
||||
w.WriteHeader(http.StatusForbidden)
|
||||
// TODO render error to be put in error place
|
||||
@@ -233,12 +241,13 @@ func joinRoomHandler(templateFs *embed.FS,
|
||||
if (person == rooms.Person{}) {
|
||||
log.Printf("/login/join room pass correct, new person joins")
|
||||
// creating a new person with provided password hash
|
||||
personPassHash, err := hashPassword(personPass)
|
||||
person = rooms.Person{
|
||||
Name: personName,
|
||||
PasswordHash: personPass,
|
||||
PasswordHash: personPassHash,
|
||||
Id: rooms.RandomPersonId(),
|
||||
}
|
||||
err := roomsM.Update(r.Context(), room.Name, func(fromRoom rooms.Room) (toRoom rooms.Room) {
|
||||
err = roomsM.Update(r.Context(), room.Name, func(fromRoom rooms.Room) (toRoom rooms.Room) {
|
||||
log.Printf("/login/join about to modify room %+v", fromRoom)
|
||||
toRoom = fromRoom
|
||||
toRoom.AllKnownPeople[person.Id] = person
|
||||
@@ -330,3 +339,16 @@ func logoutRoute(sessionSM sessions.SessionManagement,
|
||||
w.Header().Add("HX-Redirect", "/")
|
||||
}
|
||||
}
|
||||
|
||||
func isPasswordCorrect(password, hash string) bool {
|
||||
err := bcrypt.CompareHashAndPassword([]byte(hash), []byte(password))
|
||||
return err == nil
|
||||
}
|
||||
|
||||
func hashPassword(password string) (string, error) {
|
||||
hashBytes, err := bcrypt.GenerateFromPassword([]byte(password), 0)
|
||||
if err != nil {
|
||||
return "", err
|
||||
}
|
||||
return string(hashBytes), nil
|
||||
}
|
||||
|
||||
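Review bot: The error from `hashPassword` is dropped in two places. In createRoomHandler, `roomPassHash, err := hashPassword(r.PostFormValue("roomPassword"))` is followed directly by the `rooms.Room` literal, and in joinRoomHandler the `err` from `hashPassword(personPass)` is overwritten by `err = roomsM.Update(...)` before anything reads it. If hashing fails (depending on the x/crypto version, bcrypt may reject passwords longer than 72 bytes), the record is stored with an empty `PasswordHash`, which `bcrypt.CompareHashAndPassword` never accepts, so the room or person is silently unusable; add `if err != nil { log.Printf("error hashing password: %v", err); return }` after each call. The one check that does exist, for the personal password, still logs `"error, room name occupied %s"`, which would mislead anyone reading the logs after a hashing failure. In `hashPassword` the cost `0` works only because bcrypt substitutes its default for values below the minimum, so `bcrypt.DefaultCost` would state the intent; both handlers start and end outside the hunks shown.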