♻️ Keep password hashing outside the store
This commit is contained in:
parent
db5fb05ce1
commit
cc612271a5
18
store.go
18
store.go
|
@ -33,7 +33,6 @@ import (
|
|||
|
||||
uuid "github.com/satori/go.uuid"
|
||||
"github.com/tidwall/buntdb"
|
||||
"golang.org/x/crypto/bcrypt"
|
||||
)
|
||||
|
||||
type UserStore interface {
|
||||
|
@ -79,8 +78,7 @@ const (
|
|||
|
||||
type User struct {
|
||||
Username string
|
||||
Password string `json:"-"`
|
||||
PasswordHash string `json:"Password"`
|
||||
Password string
|
||||
Role GlobalRole
|
||||
}
|
||||
|
||||
|
@ -153,11 +151,7 @@ func (u User) merge(updates User) (User, error) {
|
|||
merged := u
|
||||
|
||||
if updates.Password != "" {
|
||||
pwHash, err := hashPassword(updates.Password)
|
||||
if err != nil {
|
||||
return u, fmt.Errorf("cannot hash password: %w", err)
|
||||
}
|
||||
merged.PasswordHash = pwHash
|
||||
merged.Password = updates.Password
|
||||
}
|
||||
if updates.Role != "" {
|
||||
merged.Role = updates.Role
|
||||
|
@ -288,14 +282,6 @@ func (store *DBStore) RemoveUser(username string) (err error) {
|
|||
})
|
||||
}
|
||||
|
||||
func hashPassword(password string) (string, error) {
|
||||
hash, err := bcrypt.GenerateFromPassword([]byte(password), 0)
|
||||
if err != nil {
|
||||
return "", err
|
||||
}
|
||||
return string(hash), nil
|
||||
}
|
||||
|
||||
func (store *DBStore) CreateShare() (Share, error) {
|
||||
share := Share{
|
||||
UUID: uuid.NewV4(),
|
||||
|
|
Loading…
Reference in New Issue