aksdb/ShareDAV
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

♻️ Keep password hashing outside the store

Browse Source
This commit is contained in:
Andreas Schneider 2020-10-17 14:50:21 +02:00
parent db5fb05ce1
commit cc612271a5
1 changed files with 2 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
store.go
View File

@ -33,7 +33,6 @@ import (
uuid "github.com/satori/go.uuid" uuid "github.com/satori/go.uuid"
"github.com/tidwall/buntdb" "github.com/tidwall/buntdb"
"golang.org/x/crypto/bcrypt"
) )
type UserStore interface { type UserStore interface {
@ -79,8 +78,7 @@ const (
type User struct { type User struct {
Username string Username string
Password string `json:"-"` Password string
PasswordHash string `json:"Password"`
Role GlobalRole Role GlobalRole
} }
@ -153,11 +151,7 @@ func (u User) merge(updates User) (User, error) {
merged := u merged := u
if updates.Password != "" { if updates.Password != "" {
pwHash, err := hashPassword(updates.Password) merged.Password = updates.Password
if err != nil {
return u, fmt.Errorf("cannot hash password: %w", err)
}
merged.PasswordHash = pwHash
} }
if updates.Role != "" { if updates.Role != "" {
merged.Role = updates.Role merged.Role = updates.Role
@ -288,14 +282,6 @@ func (store *DBStore) RemoveUser(username string) (err error) {
}) })
} }
func hashPassword(password string) (string, error) {
hash, err := bcrypt.GenerateFromPassword([]byte(password), 0)
if err != nil {
return "", err
}
return string(hash), nil
}
func (store *DBStore) CreateShare() (Share, error) { func (store *DBStore) CreateShare() (Share, error) {
share := Share{ share := Share{
UUID: uuid.NewV4(), UUID: uuid.NewV4(),