crypt recovery

This commit is contained in:
Your Name 2023-10-07 09:55:21 -04:00
parent cab4cd536f
commit 8aeab8bb3e
4 changed files with 10 additions and 6 deletions

View File

@ -30,7 +30,7 @@ func Login(username, password string) bool {
log.Printf("scsusers.Login: recovery time expired") log.Printf("scsusers.Login: recovery time expired")
return false return false
} }
u.Delete("recoverykey") u.Delete("recoverycode")
u.Delete("recoverytime") u.Delete("recoverytime")
} }
log.Printf("User %s logged in\n", username) log.Printf("User %s logged in\n", username)

View File

@ -23,7 +23,6 @@ func (u *UserData) LoadMeta() bool {
var m metadata var m metadata
rows.Scan(&m.Key, &m.Value, &m.ID) rows.Scan(&m.Key, &m.Value, &m.ID)
u.Meta[m.Key] = m u.Meta[m.Key] = m
log.Printf("Loaded meta key %s id %d value %s", m.Key, m.ID, m.Value)
} }
return true return true

View File

@ -3,7 +3,6 @@ package scsusers
import ( import (
"crypto/rand" "crypto/rand"
"encoding/base32" "encoding/base32"
"log"
mr "math/rand" mr "math/rand"
"time" "time"
"unicode" "unicode"
@ -23,7 +22,6 @@ func scrambleCase(in []byte) []byte {
out = append(out, byte(x)) out = append(out, byte(x))
} }
} }
log.Printf("scrambleCase in %s out %s", in, out)
return out return out
} }

View File

@ -4,6 +4,8 @@ import (
"fmt" "fmt"
"log" "log"
"time" "time"
"golang.org/x/crypto/bcrypt"
) )
@ -12,12 +14,17 @@ func RecoverByEmail(email string) {
if !ok { if !ok {
return return
} }
log.Printf("%#v", u)
recoverycode := generatePassword(16) recoverycode := generatePassword(16)
u.Delete("recoverycode") u.Delete("recoverycode")
u.Delete("recoverytime") u.Delete("recoverytime")
u.Set("recoverycode", string(recoverycode)) crypt, err := bcrypt.GenerateFromPassword(recoverycode, 10)
if err != nil {
log.Println("pass generation failed")
return
}
u.Set("recoverycode", string(crypt))
u.Set("recoverytime", fmt.Sprintf("%d", time.Now().Add(time.Minute*60).Unix())) u.Set("recoverytime", fmt.Sprintf("%d", time.Now().Add(time.Minute*60).Unix()))
SendRecoveryEmail(email, email, string(recoverycode)) SendRecoveryEmail(email, email, string(recoverycode))