added chaging of password
This commit is contained in:
z1glr
@@ -24,11 +24,6 @@ func hashPassword(password string) ([]byte, error) {
|
||||
return bcrypt.GenerateFromPassword([]byte(password), bcrypt.DefaultCost)
|
||||
}
|
||||
|
||||
// validates a password against the password-rules
|
||||
func ValidatePassword(password string) bool {
|
||||
return len(password) >= 12 && len(password) <= 64
|
||||
}
|
||||
|
||||
func Get() (map[string]User, error) {
|
||||
if users, hit := c.Get("users"); !hit {
|
||||
refresh()
|
||||
@@ -41,7 +36,7 @@ func Get() (map[string]User, error) {
|
||||
|
||||
type UserAdd struct {
|
||||
UserName string `json:"userName" validate:"required" db:"userName"`
|
||||
Password string `json:"password" validate:"required,min=8"`
|
||||
Password string `json:"password" validate:"required,min=12"`
|
||||
Admin bool `json:"admin" db:"admin"`
|
||||
}
|
||||
|
||||
@@ -70,6 +65,36 @@ func Add(user UserAdd) error {
|
||||
}
|
||||
}
|
||||
|
||||
type UserChangePassword struct {
|
||||
UserName string `json:"userName" validate:"required" db:"userName"`
|
||||
Password string `json:"password" validate:"required,min=12"`
|
||||
}
|
||||
|
||||
func ChangePassword(user UserChangePassword) error {
|
||||
// try to hash teh password
|
||||
if hash, err := hashPassword(user.Password); err != nil {
|
||||
return err
|
||||
} else {
|
||||
execStruct := struct {
|
||||
UserName string `db:"userName"`
|
||||
Password []byte `db:"password"`
|
||||
TokenID string `db:"tokenID"`
|
||||
}{
|
||||
UserName: user.UserName,
|
||||
Password: hash,
|
||||
TokenID: uuid.NewString(),
|
||||
}
|
||||
|
||||
if _, err := db.DB.NamedExec("UPDATE USERS SET tokenID = :tokenID, password = :password WHERE name = :userName", execStruct); err != nil {
|
||||
return err
|
||||
} else {
|
||||
refresh()
|
||||
|
||||
return nil
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
func refresh() {
|
||||
// get the usersRaw from the database
|
||||
var usersRaw []User
|
||||
|
||||
@@ -84,7 +84,9 @@ func init() {
|
||||
"events": postEvent,
|
||||
"users": postUser,
|
||||
},
|
||||
"PATCH": {},
|
||||
"PATCH": {
|
||||
"users/password": patchPassword,
|
||||
},
|
||||
"DELETE": {
|
||||
"event": deleteEvent,
|
||||
},
|
||||
|
||||
@@ -34,3 +34,29 @@ func postUser(args HandlerArgs) responseMessage {
|
||||
|
||||
return response
|
||||
}
|
||||
|
||||
func patchPassword(args HandlerArgs) responseMessage {
|
||||
response := responseMessage{}
|
||||
// parse the body
|
||||
var body users.UserChangePassword
|
||||
|
||||
if err := args.C.BodyParser(&body); err != nil {
|
||||
response.Status = fiber.StatusBadRequest
|
||||
|
||||
logger.Log().Msgf("can't parse body: %v", err)
|
||||
} else {
|
||||
body.UserName = args.User.UserName
|
||||
|
||||
if err := validate.Struct(body); err != nil {
|
||||
response.Status = fiber.StatusBadRequest
|
||||
|
||||
logger.Info().Msgf("invalid body: %v", err)
|
||||
} else if err := users.ChangePassword(body); err != nil {
|
||||
response.Status = fiber.StatusInternalServerError
|
||||
|
||||
logger.Error().Msgf("can't update password: %v", err)
|
||||
}
|
||||
}
|
||||
|
||||
return response
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user