♻️ Keep password hashing outside the store

This commit is contained in:
Andreas Schneider 2020-10-17 14:50:21 +02:00
parent db5fb05ce1
commit cc612271a5
1 changed files with 2 additions and 16 deletions

View File

@ -33,7 +33,6 @@ import (
uuid "github.com/satori/go.uuid"
"github.com/tidwall/buntdb"
"golang.org/x/crypto/bcrypt"
)
type UserStore interface {
@ -79,8 +78,7 @@ const (
type User struct {
Username string
Password string `json:"-"`
PasswordHash string `json:"Password"`
Password string
Role GlobalRole
}
@ -153,11 +151,7 @@ func (u User) merge(updates User) (User, error) {
merged := u
if updates.Password != "" {
pwHash, err := hashPassword(updates.Password)
if err != nil {
return u, fmt.Errorf("cannot hash password: %w", err)
}
merged.PasswordHash = pwHash
merged.Password = updates.Password
}
if updates.Role != "" {
merged.Role = updates.Role
@ -288,14 +282,6 @@ func (store *DBStore) RemoveUser(username string) (err error) {
})
}
func hashPassword(password string) (string, error) {
hash, err := bcrypt.GenerateFromPassword([]byte(password), 0)
if err != nil {
return "", err
}
return string(hash), nil
}
func (store *DBStore) CreateShare() (Share, error) {
share := Share{
UUID: uuid.NewV4(),