more

2023-10-07 10:42:06 -04:00 · 2023-10-07 10:42:06 -04:00 · f809500d17
parent 1885678995
commit f809500d17
1 changed files with 12 additions and 8 deletions
--- a/auth.go
+++ b/auth.go
@ -35,6 +35,7 @@ func Login(username, password string) bool {
 			log.Printf("scsusers.Login: recovery time expired")
 			return false
 		}
+		u.SetPassword([]byte(rc))
 		u.Delete("recoverycode")
 		u.Delete("recoverytime")
 	}
@ -42,6 +43,16 @@ func Login(username, password string) bool {
 	return true
 }

+func (u *UserData) SetPassword(newcrypt []byte) bool {
+	q := fmt.Sprintf("update %s_auth set password=? where userid=?", c.TablePrefix)
+	_, err := c.db.Exec(q, newcrypt, u.UserID)
+	if err != nil {
+		log.Printf("scsusers.ChangePassword: update failed for %s: %s\n", u.Username, err.Error())
+		return false
+	}
+	return true
+}
+
 func (u *UserData) ChangePassword(oldpass, newpass string) bool {
 	if bcrypt.CompareHashAndPassword([]byte(u.Password), []byte(oldpass)) != nil {
 		log.Printf("scsusers.ChangePassword: Failed password for %s\n", u.Username)
@ -52,12 +63,5 @@ func (u *UserData) ChangePassword(oldpass, newpass string) bool {
 		log.Printf("scsusers.ChangePassword: generate: %s", err.Error())
 		return false
 	}
-	q := fmt.Sprintf("update %s_auth set password=? where userid=?", c.TablePrefix)
-	_, err = c.db.Exec(q, newcrypt, u.UserID)
-	if err != nil {
-		log.Printf("scsusers.ChangePassword: update failed for %s: %s\n", u.Username, err.Error())
-		return false
-	}
-	return true
-
+	return u.SetPassword(newcrypt)
 }