trantor/lib/database/users.go

package database

import (
	log "github.com/cihub/seelog"

	"bytes"
	"crypto/rand"
	"errors"

	"golang.org/x/crypto/scrypt"
)

type user struct {
	ID       int
	Username string
	Password []byte
	Salt     []byte
	Role     string
}

func (db *pgDB) AddUser(name string, pass string) error {
	if !validUserName(name) {
		return errors.New("Invalid user name")
	}
	num, err := db.sql.Model(&user{}).Where("username = ?", name).Count()
	if err != nil {
		log.Error("Error on database checking user ", name, ": ", err)
		return errors.New("An error happen on the database")
	}
	if num != 0 {
		return errors.New("User name already exist")
	}

	hpass, salt, err := hashPass(pass)
	if err != nil {
		log.Error("Error hashing password: ", err)
		return errors.New("An error happen storing the password")
	}
	return db.AddRawUser(name, hpass, salt, "")
}

func (db *pgDB) AddRawUser(name string, hpass []byte, salt []byte, role string) error {
	u := user{
		Username: name,
		Password: hpass,
		Salt:     salt,
		Role:     role,
	}
	return db.sql.Insert(&u)
}

func (db *pgDB) GetRole(name string) (string, error) {
	var u user
	err := db.sql.Model(&u).Where("username = ?", name).Select()
	return u.Role, err
}

func (db *pgDB) ValidPassword(name string, pass string) bool {
	var u user
	err := db.sql.Model(&u).Where("username = ?", name).Select()
	if err != nil {
		return false
	}

	hash, err := calculateHash(pass, u.Salt)
	if err != nil {
		return false
	}
	return bytes.Compare(u.Password, hash) == 0
}

func (db *pgDB) SetPassword(name string, pass string) error {
	hash, salt, err := hashPass(pass)
	if err != nil {
		return err
	}
	_, err = db.sql.Model(user{}).
		Set("pass = ?, salt = ?", hash, salt).
		Where("username = ?", name).
		Update()
	return err
}

func validUserName(name string) bool {
	return name != ""
}

func hashPass(pass string) (hash []byte, salt []byte, err error) {
	salt, err = genSalt()
	if err != nil {
		return
	}
	hash, err = calculateHash(pass, salt)
	return
}

func genSalt() ([]byte, error) {
	const saltLen = 64

	b := make([]byte, saltLen)
	_, err := rand.Read(b)
	return b, err
}

func calculateHash(pass string, salt []byte) ([]byte, error) {
	const (
		N      = 16384
		r      = 8
		p      = 1
		keyLen = 32
	)

	bpass := []byte(pass)
	return scrypt.Key(bpass, salt, N, r, p, keyLen)
}
Refactor database 2014-06-29 19:41:29 -05:00			`package database`

			`import (`
Normalize includes 2014-08-30 13:17:50 -05:00			`log "github.com/cihub/seelog"`

Refactor database 2014-06-29 19:41:29 -05:00			`"bytes"`
Use scrypt to store passwords 2014-06-30 23:06:55 -05:00			`"crypto/rand"`
Refactor database 2014-06-29 19:41:29 -05:00			`"errors"`
Normalize includes 2014-08-30 13:17:50 -05:00
Use the oficial golang.org/x/crypto lib 2016-01-28 17:14:43 -05:00			`"golang.org/x/crypto/scrypt"`
Refactor database 2014-06-29 19:41:29 -05:00			`)`

[WIP] migration to psql TODO: [ ] stats [ ] indexes 2016-07-30 07:10:33 -04:00			`type user struct {`
			`ID int`
			`Username string`
			`Password []byte`
			`Salt []byte`
			`Role string`
Refactor database 2014-06-29 19:41:29 -05:00			`}`

[WIP] migration to psql TODO: [ ] stats [ ] indexes 2016-07-30 07:10:33 -04:00			`func (db *pgDB) AddUser(name string, pass string) error {`
Refactor database 2014-06-29 19:41:29 -05:00			`if !validUserName(name) {`
			`return errors.New("Invalid user name")`
			`}`
[WIP] migration to psql TODO: [ ] stats [ ] indexes 2016-07-30 07:10:33 -04:00			`num, err := db.sql.Model(&user{}).Where("username = ?", name).Count()`
Refactor database 2014-06-29 19:41:29 -05:00			`if err != nil {`
			`log.Error("Error on database checking user ", name, ": ", err)`
			`return errors.New("An error happen on the database")`
			`}`
			`if num != 0 {`
			`return errors.New("User name already exist")`
			`}`

[WIP] migration to psql TODO: [ ] stats [ ] indexes 2016-07-30 07:10:33 -04:00			`hpass, salt, err := hashPass(pass)`
Use scrypt to store passwords 2014-06-30 23:06:55 -05:00			`if err != nil {`
			`log.Error("Error hashing password: ", err)`
			`return errors.New("An error happen storing the password")`
			`}`
Expose AddRaw[User\|News] for scripting 2017-05-21 22:48:43 +00:00			`return db.AddRawUser(name, hpass, salt, "")`
Helper functions for the migration scripts 2016-09-04 12:33:53 -04:00			`}`

Expose AddRaw[User\|News] for scripting 2017-05-21 22:48:43 +00:00			`func (db *pgDB) AddRawUser(name string, hpass []byte, salt []byte, role string) error {`
[WIP] migration to psql TODO: [ ] stats [ ] indexes 2016-07-30 07:10:33 -04:00			`u := user{`
			`Username: name,`
			`Password: hpass,`
			`Salt: salt,`
Helper functions for the migration scripts 2016-09-04 12:33:53 -04:00			`Role: role,`
[WIP] migration to psql TODO: [ ] stats [ ] indexes 2016-07-30 07:10:33 -04:00			`}`
Using master pg library 2017-05-18 22:16:16 +00:00			`return db.sql.Insert(&u)`
Refactor database 2014-06-29 19:41:29 -05:00			`}`

[WIP] migration to psql TODO: [ ] stats [ ] indexes 2016-07-30 07:10:33 -04:00			`func (db *pgDB) GetRole(name string) (string, error) {`
			`var u user`
			`err := db.sql.Model(&u).Where("username = ?", name).Select()`
			`return u.Role, err`
Refactor database 2014-06-29 19:41:29 -05:00			`}`

[WIP] migration to psql TODO: [ ] stats [ ] indexes 2016-07-30 07:10:33 -04:00			`func (db *pgDB) ValidPassword(name string, pass string) bool {`
			`var u user`
			`err := db.sql.Model(&u).Where("username = ?", name).Select()`
			`if err != nil {`
Refactor database 2014-06-29 19:41:29 -05:00			`return false`
			`}`

[WIP] migration to psql TODO: [ ] stats [ ] indexes 2016-07-30 07:10:33 -04:00			`hash, err := calculateHash(pass, u.Salt)`
			`if err != nil {`
			`return false`
			`}`
			`return bytes.Compare(u.Password, hash) == 0`
Refactor database 2014-06-29 19:41:29 -05:00			`}`

[WIP] migration to psql TODO: [ ] stats [ ] indexes 2016-07-30 07:10:33 -04:00			`func (db *pgDB) SetPassword(name string, pass string) error {`
Use scrypt to store passwords 2014-06-30 23:06:55 -05:00			`hash, salt, err := hashPass(pass)`
			`if err != nil {`
			`return err`
			`}`
[WIP] migration to psql TODO: [ ] stats [ ] indexes 2016-07-30 07:10:33 -04:00			`_, err = db.sql.Model(user{}).`
			`Set("pass = ?, salt = ?", hash, salt).`
			`Where("username = ?", name).`
			`Update()`
			`return err`
			`}`

			`func validUserName(name string) bool {`
			`return name != ""`
Refactor database 2014-06-29 19:41:29 -05:00			`}`

Use scrypt to store passwords 2014-06-30 23:06:55 -05:00			`func hashPass(pass string) (hash []byte, salt []byte, err error) {`
			`salt, err = genSalt()`
			`if err != nil {`
			`return`
			`}`
			`hash, err = calculateHash(pass, salt)`
			`return`
			`}`

			`func genSalt() ([]byte, error) {`
[WIP] migration to psql TODO: [ ] stats [ ] indexes 2016-07-30 07:10:33 -04:00			`const saltLen = 64`
Use scrypt to store passwords 2014-06-30 23:06:55 -05:00
			`b := make([]byte, saltLen)`
			`_, err := rand.Read(b)`
			`return b, err`
			`}`

			`func calculateHash(pass string, salt []byte) ([]byte, error) {`
			`const (`
			`N = 16384`
			`r = 8`
			`p = 1`
			`keyLen = 32`
			`)`

			`bpass := []byte(pass)`
			`return scrypt.Key(bpass, salt, N, r, p, keyLen)`
Refactor database 2014-06-29 19:41:29 -05:00			`}`