Adjustments

This commit is contained in:
scs 2018-12-27 22:09:23 +00:00
parent 6747d68177
commit b38f59e475
3 changed files with 29 additions and 11 deletions

Binary file not shown.

View File

@ -15,7 +15,7 @@ func main() {
flag.StringVar(&email, "email", "", "Email address to use for registration test") flag.StringVar(&email, "email", "", "Email address to use for registration test")
flag.Parse() flag.Parse()
db, err:=sqlx.Open("sqlite3", ":memory") db, err:=sqlx.Open("sqlite3", ":memory:")
if err!=nil { if err!=nil {
fmt.Println("Couldn't open sqlite3 in-memory db:" + err.Error()) fmt.Println("Couldn't open sqlite3 in-memory db:" + err.Error())
os.Exit(1) os.Exit(1)
@ -27,11 +27,13 @@ func main() {
os.Exit(1) os.Exit(1)
} }
schema:=`CREATE TABLE test_auth ( schema:=`CREATE TABLE test_auth (
username text NOT NULL unique key , username text NOT NULL ,
crypt text NOT NULL, password text NOT NULL,
email text NOT NULL unique key, email text NOT NULL unique,
recovery text NOT NULL DEFAULT '', recovery text NOT NULL DEFAULT '',
recoverytime timestamp null, recoverytime timestamp null,
registration_date timestamp not null,
registration_ip text not null,
lastseen timestamp );` lastseen timestamp );`
_ ,err=db.Exec(schema) _ ,err=db.Exec(schema)
if err != nil { if err != nil {

28
main.go
View File

@ -42,12 +42,16 @@ func Init(dbin *sqlx.DB, tp, sitename, fromaddr string) {
} }
func UsernameAvailable(username string) bool { func UsernameAvailable(username string) bool {
var u string
q := fmt.Sprintf("select username from %s_auth where username=$1", c.TablePrefix) q := fmt.Sprintf("select username from %s_auth where username=$1", c.TablePrefix)
err := c.db.Get(q, username) err := c.db.Get(&u, q, username)
if err == sql.ErrNoRows { if err == sql.ErrNoRows {
return true return true
} }
if err != nil {
log.Printf("UsernameAvailable returned error: " + err.Error() + " Query was " + q)
return false
}
return false return false
} }
@ -57,20 +61,32 @@ func Register(username, email, ip string) bool {
if !UsernameAvailable(username) { if !UsernameAvailable(username) {
return false return false
} }
log.Println("getting random bytes")
pass := randBytes(16) pass := randBytes(16)
crypt, err := bcrypt.GenerateFromPassword(pass, 20) log.Println("Generating hash")
crypt, err := bcrypt.GenerateFromPassword(pass, 10)
if err != nil { if err != nil {
log.Printf("Bcrypt GenerateFromPassword failed? Pass is %s and error is %s\n", pass, err.Error()) log.Printf("Bcrypt GenerateFromPassword failed? Pass is %s and error is %s\n", pass, err.Error())
return false return false
} }
q := fmt.Sprintf("insert into %s_auth (username, email, password, registration_date, registration_ip) values ($1, $2, $3, NOW(), $4)", c.TablePrefix) fmt.Println("db insert")
q := fmt.Sprintf("insert into %s_auth (username, email, password, registration_date, registration_ip) values ($1, $2, $3, CURRENT_TIMESTAMP, $4)", c.TablePrefix)
_, err = c.db.Exec(q, username, email, crypt, ip) _, err = c.db.Exec(q, username, email, crypt, ip)
if err != nil { if err != nil {
log.Println("Register: insert failed: " + err.Error())
return false return false
} }
if sendRegistrationEmail(email, username, string(pass)) {
return true return true
} }
log.Println("Failed to send registration email, deleting user.")
q=fmt.Sprintf("delete from %s_auth where username=$1 AND password=$2", c.TablePrefix)
_,err = c.db.Exec(q, username, string(crypt))
if err != nil {
log.Println("Failed to delete new user " + username + " : " + err.Error())
}
return false
}
func Login(username, password string) bool { func Login(username, password string) bool {
q:=fmt.Sprintf("select password from %s_auth where username=$1",c.TablePrefix) q:=fmt.Sprintf("select password from %s_auth where username=$1",c.TablePrefix)
@ -89,7 +105,7 @@ func Login(username, password string) bool {
} }
func bump(username string) { func bump(username string) {
q:=fmt.Sprintf("update %s_auth set lastseen=NOW() where username=$1", c.TablePrefix) q:=fmt.Sprintf("update %s_auth set lastseen=CURRENT_TIMESTAMP where username=$1", c.TablePrefix)
_, err :=c.db.Exec(q, username) _, err :=c.db.Exec(q, username)
if err != nil { if err != nil {
log.Println("Error on user bump: " + err.Error()) log.Println("Error on user bump: " + err.Error())