crypt recovery
This commit is contained in:
parent
cab4cd536f
commit
8aeab8bb3e
2
auth.go
2
auth.go
|
@ -30,7 +30,7 @@ func Login(username, password string) bool {
|
||||||
log.Printf("scsusers.Login: recovery time expired")
|
log.Printf("scsusers.Login: recovery time expired")
|
||||||
return false
|
return false
|
||||||
}
|
}
|
||||||
u.Delete("recoverykey")
|
u.Delete("recoverycode")
|
||||||
u.Delete("recoverytime")
|
u.Delete("recoverytime")
|
||||||
}
|
}
|
||||||
log.Printf("User %s logged in\n", username)
|
log.Printf("User %s logged in\n", username)
|
||||||
|
|
1
meta.go
1
meta.go
|
@ -23,7 +23,6 @@ func (u *UserData) LoadMeta() bool {
|
||||||
var m metadata
|
var m metadata
|
||||||
rows.Scan(&m.Key, &m.Value, &m.ID)
|
rows.Scan(&m.Key, &m.Value, &m.ID)
|
||||||
u.Meta[m.Key] = m
|
u.Meta[m.Key] = m
|
||||||
log.Printf("Loaded meta key %s id %d value %s", m.Key, m.ID, m.Value)
|
|
||||||
}
|
}
|
||||||
return true
|
return true
|
||||||
|
|
||||||
|
|
|
@ -3,7 +3,6 @@ package scsusers
|
||||||
import (
|
import (
|
||||||
"crypto/rand"
|
"crypto/rand"
|
||||||
"encoding/base32"
|
"encoding/base32"
|
||||||
"log"
|
|
||||||
mr "math/rand"
|
mr "math/rand"
|
||||||
"time"
|
"time"
|
||||||
"unicode"
|
"unicode"
|
||||||
|
@ -23,7 +22,6 @@ func scrambleCase(in []byte) []byte {
|
||||||
out = append(out, byte(x))
|
out = append(out, byte(x))
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
log.Printf("scrambleCase in %s out %s", in, out)
|
|
||||||
return out
|
return out
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
11
recovery.go
11
recovery.go
|
@ -4,6 +4,8 @@ import (
|
||||||
"fmt"
|
"fmt"
|
||||||
"log"
|
"log"
|
||||||
"time"
|
"time"
|
||||||
|
|
||||||
|
"golang.org/x/crypto/bcrypt"
|
||||||
)
|
)
|
||||||
|
|
||||||
|
|
||||||
|
@ -12,12 +14,17 @@ func RecoverByEmail(email string) {
|
||||||
if !ok {
|
if !ok {
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
log.Printf("%#v", u)
|
|
||||||
recoverycode := generatePassword(16)
|
recoverycode := generatePassword(16)
|
||||||
u.Delete("recoverycode")
|
u.Delete("recoverycode")
|
||||||
u.Delete("recoverytime")
|
u.Delete("recoverytime")
|
||||||
|
|
||||||
u.Set("recoverycode", string(recoverycode))
|
crypt, err := bcrypt.GenerateFromPassword(recoverycode, 10)
|
||||||
|
if err != nil {
|
||||||
|
log.Println("pass generation failed")
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
u.Set("recoverycode", string(crypt))
|
||||||
u.Set("recoverytime", fmt.Sprintf("%d", time.Now().Add(time.Minute*60).Unix()))
|
u.Set("recoverytime", fmt.Sprintf("%d", time.Now().Add(time.Minute*60).Unix()))
|
||||||
|
|
||||||
SendRecoveryEmail(email, email, string(recoverycode))
|
SendRecoveryEmail(email, email, string(recoverycode))
|
||||||
|
|
Loading…
Reference in New Issue