used bcrypt for user password
parent
bfdeead859
commit
e1d8fd4bcc
13
ii/db.go
13
ii/db.go
|
@ -7,7 +7,6 @@ package ii
|
|||
import (
|
||||
"bufio"
|
||||
"crypto/sha256"
|
||||
"encoding/base64"
|
||||
"errors"
|
||||
"fmt"
|
||||
"io"
|
||||
|
@ -19,6 +18,7 @@ import (
|
|||
"sync"
|
||||
"sync/atomic"
|
||||
"time"
|
||||
"golang.org/x/crypto/bcrypt"
|
||||
)
|
||||
|
||||
// This is index entry. Information about message that is loaded in memory.
|
||||
|
@ -906,8 +906,12 @@ func IsPassword(u string) bool {
|
|||
// String is something like id + user + password
|
||||
func MakeSecret(msg string) string {
|
||||
h := sha256.Sum256([]byte(msg))
|
||||
s := base64.URLEncoding.EncodeToString(h[:])
|
||||
return s[0:10]
|
||||
hash, err := bcrypt.GenerateFromPassword(h[:], bcrypt.DefaultCost)
|
||||
if err != nil {
|
||||
Error.Printf("bcrypt problem")
|
||||
return "bcryptProblem"
|
||||
}
|
||||
return string(hash)
|
||||
}
|
||||
|
||||
// Return secret for username or "" if no such user
|
||||
|
@ -929,7 +933,8 @@ func (db *UDB) Auth(User string, Passwd string) bool {
|
|||
if !ok {
|
||||
return false
|
||||
}
|
||||
return ui.Secret == MakeSecret(User+Passwd)
|
||||
secret := sha256.Sum256([]byte(User+Passwd))
|
||||
return bcrypt.CompareHashAndPassword([]byte(ui.Secret), secret[:]) == nil
|
||||
}
|
||||
|
||||
// Returns true if Secret (pauth) is valid
|
||||
|
|
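Review bot: In MakeSecret, the bcrypt failure path returns the fixed string `"bcryptProblem"` as if it were a secret, so a caller that stores the result would record a constant, publicly known value for that user; the comment after Auth suggests the stored secret may also be accepted directly as `pauth`, which would make that value a usable credential. Returning the error lets callers refuse to create or update the account instead: `func MakeSecret(msg string) (string, error)` with `return "", fmt.Errorf("bcrypt: %w", err)`, and the log line should include `err`. Because bcrypt output is salted, any remaining caller that compares `MakeSecret(...)` with a stored value using `==` will never match; none is visible in these hunks, but it is worth checking the rest of the file. In Auth, whose body starts above the hunk, secrets stored in the old 10-character format will now always fail `bcrypt.CompareHashAndPassword`, and no migration or fallback for existing users is visible in this commit.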