This commit is contained in:
Your Name 2023-10-07 10:20:01 -04:00
parent 8aeab8bb3e
commit e7110491d3
3 changed files with 7 additions and 3 deletions

View File

@ -16,7 +16,12 @@ func Login(username, password string) bool {
} }
if bcrypt.CompareHashAndPassword([]byte(u.Password), []byte(password)) != nil { if bcrypt.CompareHashAndPassword([]byte(u.Password), []byte(password)) != nil {
rc, ok := u.Get("recoverycode") rc, ok := u.Get("recoverycode")
if !ok || bcrypt.CompareHashAndPassword([]byte(u.Password), []byte(rc)) != nil { if !ok {
log.Println("No recovery code")
return false
}
log.Printf("Checking against recovery code %s", rc)
if bcrypt.CompareHashAndPassword([]byte(u.Password), []byte(rc)) != nil {
log.Printf("scsusers.Login: Failed password for " + username) log.Printf("scsusers.Login: Failed password for " + username)
return false return false
} }

View File

@ -12,7 +12,7 @@ type Metadata struct {
} }
func (u *UserData) LoadMeta() bool { func (u *UserData) LoadMeta() bool {
q:= fmt.Sprintf("select meta_key, meta_value, id from %s_meta where user=?", c.TablePrefix) q := fmt.Sprintf("select meta_key, meta_value, id from %s_meta where user=?", c.TablePrefix)
rows, err := c.db.Query(q, u.UserID) rows, err := c.db.Query(q, u.UserID)
if err != nil && err != sql.ErrNoRows { if err != nil && err != sql.ErrNoRows {
log.Printf("scsuser.Get: select: %s", err.Error()) log.Printf("scsuser.Get: select: %s", err.Error())

View File

@ -8,7 +8,6 @@ import (
"golang.org/x/crypto/bcrypt" "golang.org/x/crypto/bcrypt"
) )
func RecoverByEmail(email string) { func RecoverByEmail(email string) {
u, ok := Get(email) u, ok := Get(email)
if !ok { if !ok {