2018-12-25 19:22:13 +00:00
|
|
|
package scsusers
|
|
|
|
|
|
|
|
import (
|
|
|
|
"database/sql"
|
|
|
|
"fmt"
|
|
|
|
"html/template"
|
|
|
|
"log"
|
|
|
|
"strings"
|
2020-12-19 01:41:28 +00:00
|
|
|
|
|
|
|
"github.com/jmoiron/sqlx"
|
|
|
|
"golang.org/x/crypto/bcrypt"
|
2020-06-04 20:02:46 +00:00
|
|
|
)
|
2018-12-27 21:49:59 +00:00
|
|
|
|
2018-12-25 19:22:13 +00:00
|
|
|
type templates struct {
|
|
|
|
Registration *template.Template
|
|
|
|
Alert *template.Template
|
|
|
|
Recovery *template.Template
|
2023-09-26 20:45:19 +00:00
|
|
|
TwoFA *template.Template
|
2018-12-25 19:22:13 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
type config struct {
|
|
|
|
SiteName string
|
|
|
|
FromEmail string
|
|
|
|
Templates templates
|
2020-06-04 20:02:46 +00:00
|
|
|
SMTPServer string
|
2018-12-25 19:22:13 +00:00
|
|
|
db *sqlx.DB
|
2023-09-19 22:01:41 +00:00
|
|
|
testing bool
|
2018-12-25 19:22:13 +00:00
|
|
|
TablePrefix string
|
|
|
|
}
|
|
|
|
|
2018-12-28 19:33:36 +00:00
|
|
|
type UserData struct {
|
2023-09-19 22:01:41 +00:00
|
|
|
UserID int64 `db:"id"`
|
|
|
|
Username string `db:"username"`
|
|
|
|
Password string `db:"password"`
|
|
|
|
|
|
|
|
Meta map[string]metadata
|
|
|
|
}
|
|
|
|
|
|
|
|
type metadata struct {
|
|
|
|
Key string `db:"meta_key"`
|
|
|
|
Value string `db:"meta_value"`
|
|
|
|
ID int64 `db:"id"`
|
2018-12-28 19:33:36 +00:00
|
|
|
}
|
|
|
|
|
2018-12-25 19:22:13 +00:00
|
|
|
var c config
|
|
|
|
|
2019-01-02 19:04:40 +00:00
|
|
|
func Init(dbin *sqlx.DB, tp, sitename, fromaddr, smtpserver string) {
|
2018-12-25 19:22:13 +00:00
|
|
|
c.db = dbin
|
|
|
|
c.TablePrefix = tp
|
|
|
|
c.SiteName = sitename
|
|
|
|
c.FromEmail = fromaddr
|
2020-06-04 20:02:46 +00:00
|
|
|
c.SMTPServer = smtpserver
|
2018-12-25 19:22:13 +00:00
|
|
|
|
|
|
|
SetRegistrationTemplate("")
|
|
|
|
SetAlertTemplate("")
|
|
|
|
SetRecoveryTemplate("")
|
2023-09-26 20:36:03 +00:00
|
|
|
Set2faTemplate("")
|
2018-12-25 19:22:13 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
func UsernameAvailable(username string) bool {
|
2020-06-04 20:02:46 +00:00
|
|
|
if len(username) == 0 {
|
2018-12-28 19:33:36 +00:00
|
|
|
return false
|
|
|
|
}
|
2020-07-18 11:55:19 +00:00
|
|
|
var tmp string
|
2020-07-18 12:03:31 +00:00
|
|
|
username = strings.ToLower(username)
|
2020-07-18 11:55:19 +00:00
|
|
|
|
2023-09-19 22:09:33 +00:00
|
|
|
q := fmt.Sprintf("select username from %s_auth where username = ?", c.TablePrefix)
|
2020-07-18 12:03:31 +00:00
|
|
|
err := c.db.Get(&tmp, q, username)
|
2018-12-25 19:22:13 +00:00
|
|
|
if err == sql.ErrNoRows {
|
|
|
|
return true
|
|
|
|
}
|
2018-12-27 22:09:23 +00:00
|
|
|
if err != nil {
|
|
|
|
log.Printf("UsernameAvailable returned error: " + err.Error() + " Query was " + q)
|
|
|
|
return false
|
|
|
|
}
|
2018-12-25 19:22:13 +00:00
|
|
|
return false
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Check for username availability, add to database, send email */
|
|
|
|
|
|
|
|
func Register(username, email, ip string) bool {
|
|
|
|
if !UsernameAvailable(username) {
|
|
|
|
return false
|
|
|
|
}
|
2020-07-18 12:03:31 +00:00
|
|
|
username = strings.ToLower(username)
|
2020-07-18 11:55:19 +00:00
|
|
|
|
2023-10-07 13:22:30 +00:00
|
|
|
pass := generatePassword(16)
|
2018-12-27 22:09:23 +00:00
|
|
|
crypt, err := bcrypt.GenerateFromPassword(pass, 10)
|
2018-12-25 19:22:13 +00:00
|
|
|
if err != nil {
|
2019-01-02 15:21:05 +00:00
|
|
|
log.Printf("scsusers.Register: Bcrypt GenerateFromPassword failed? Pass is %s and error is %s\n", pass, err.Error())
|
2018-12-25 19:22:13 +00:00
|
|
|
return false
|
|
|
|
}
|
2023-09-19 22:09:33 +00:00
|
|
|
_, err = c.db.Query(fmt.Sprintf("insert into %s_auth (username, password) VALUES (?,?)", c.TablePrefix), username, crypt)
|
2018-12-25 19:22:13 +00:00
|
|
|
if err != nil {
|
2019-01-02 15:21:05 +00:00
|
|
|
log.Printf("scsusers.Register: insert failed: %s\n", err.Error())
|
2018-12-25 19:22:13 +00:00
|
|
|
return false
|
|
|
|
}
|
2023-09-19 22:01:41 +00:00
|
|
|
if c.testing {
|
|
|
|
return true
|
|
|
|
}
|
2020-07-23 22:12:44 +00:00
|
|
|
if SendRegistrationEmail(email, username, string(pass)) {
|
2019-01-02 15:21:05 +00:00
|
|
|
log.Printf("scsusers.Register: New user registration: %s from %s\n", username, ip)
|
2018-12-27 22:09:23 +00:00
|
|
|
return true
|
|
|
|
}
|
2019-01-02 15:21:05 +00:00
|
|
|
log.Printf("scsusers.Register: Failed to send registration email, deleting user %s\n", username)
|
2023-09-19 22:09:33 +00:00
|
|
|
q := fmt.Sprintf("delete from %s_auth where username = ? AND password=?", c.TablePrefix)
|
2020-07-18 12:03:31 +00:00
|
|
|
_, err = c.db.Exec(q, username, string(crypt))
|
2018-12-27 22:09:23 +00:00
|
|
|
if err != nil {
|
2019-01-02 15:21:05 +00:00
|
|
|
log.Printf("scsusers.Register: Failed to delete new user %s: %s\n", username, err.Error())
|
2018-12-27 22:09:23 +00:00
|
|
|
}
|
|
|
|
return false
|
2018-12-25 19:22:13 +00:00
|
|
|
}
|
|
|
|
|
2023-09-19 22:01:41 +00:00
|
|
|
func NewUser() *UserData {
|
|
|
|
var u UserData
|
|
|
|
u.Meta = make(map[string]metadata)
|
|
|
|
return &u
|
|
|
|
}
|
|
|
|
|
|
|
|
func Get(username string) (*UserData, bool) {
|
|
|
|
u := NewUser()
|
2023-09-19 22:09:33 +00:00
|
|
|
q := fmt.Sprintf("select username, password, id from %s_auth where username=?", c.TablePrefix)
|
2023-09-19 22:12:55 +00:00
|
|
|
err := c.db.Get(u, q, username)
|
2018-12-27 21:49:59 +00:00
|
|
|
if err != nil {
|
2023-09-19 22:01:41 +00:00
|
|
|
if err == sql.ErrNoRows {
|
|
|
|
return nil, false
|
|
|
|
}
|
|
|
|
log.Printf("scsusers.Get: %s", err.Error())
|
|
|
|
return nil, false
|
|
|
|
}
|
2023-09-19 22:23:38 +00:00
|
|
|
|
2023-10-07 13:48:40 +00:00
|
|
|
return u, u.LoadMeta()
|
2023-09-19 22:01:41 +00:00
|
|
|
}
|
|
|
|
|
2019-01-11 21:39:47 +00:00
|
|
|
func GetUserid(username string) int64 {
|
|
|
|
var i int64
|
2020-07-18 12:03:31 +00:00
|
|
|
username = strings.ToLower(username)
|
2020-07-18 11:55:19 +00:00
|
|
|
|
2023-09-19 22:09:33 +00:00
|
|
|
q := fmt.Sprintf("select userid from %s_auth where username = ?", c.TablePrefix)
|
2020-07-18 12:03:31 +00:00
|
|
|
err := c.db.Get(&i, q, username)
|
2019-01-11 21:39:47 +00:00
|
|
|
if err != nil {
|
|
|
|
log.Printf("scsusers.getUserId: Error loading user: %s : %s\n", username, err.Error())
|
|
|
|
return 0
|
|
|
|
}
|
|
|
|
return i
|
|
|
|
}
|