package main

import (
	"bytes"
	"crypto/subtle"
	"database/sql"
	"errors"
	"log"
	"time"

	_ "github.com/lib/pq"
)

// Session mirrors one row of the sessions table: its identifier, the owning
// user and the creation timestamp.
//
// NOTE(review): nothing in this file compares Created against a maximum age,
// so session expiry, if any, has to be enforced elsewhere. Confirm.
type Session struct {
	// Id is sessions.id. NewSession obtains it from the database through
	// INSERT ... RETURNING; it is the key used for lookups in GetSession.
	Id      string
	// UserId is sessions.user_id.
	UserId  int64
	// Created is sessions.created_at.
	Created time.Time
}

// User mirrors the columns of the users table that this file reads.
type User struct {
	// Id is users.id.
	Id       int64
	// Name is users.name, the value used to look the account up.
	Name     string
	// Password is the raw users.password column. ValidateUser parses it as
	// "<scheme>}<hash>". It is credential material: avoid logging it or
	// serializing it to clients.
	Password []byte
}

// Store is the persistence interface for sessions and users. PgStore is the
// implementation visible in this file.
//
// NOTE(review): NewSession, DeleteSession and ChangePassword have no error
// result, so an implementation cannot report a failed write to its caller.
type Store interface {
	// GetSession looks a session up by id; the bool reports whether it was found.
	GetSession(id string) (*Session, bool)
	// NewSession creates a session for the given user id.
	NewSession(userId int64) *Session
	// GetUser looks a user up by name; the bool reports whether it was found.
	GetUser(name string) (*User, bool)
	// ValidateUser checks a name/password pair and returns the user on success.
	ValidateUser(name string, password string) (*User, error)
	// DeleteSession removes the session with the given id.
	DeleteSession(id string)
	// ChangePassword stores hash as the new password value for the user.
	ChangePassword(userId int64, hash []byte)
}

// PgStore is a Store backed by a database/sql handle, with an in-process
// cache of sessions keyed by session id.
//
// NOTE(review): sessionCache is a plain map and no lock is visible in this
// file. If one PgStore is shared by concurrently running request handlers,
// the reads and writes in GetSession, NewSession and DeleteSession race.
// Confirm how the store is used.
type PgStore struct {
	// Embedded handle; QueryRow and Exec are called through it.
	*sql.DB
	// sessionCache maps Session.Id to the session loaded or created earlier.
	sessionCache map[string]*Session
}

// NewPgStore opens a "postgres" database handle for the given connection
// string and returns a PgStore with an empty session cache.
//
// It panics via log.Panic if sql.Open reports an error. sql.Open may only
// validate its arguments without connecting, so a successful return does not
// prove the database is reachable.
func NewPgStore(database string) *PgStore {
	handle, openErr := sql.Open("postgres", database)
	if openErr != nil {
		log.Panic(openErr)
	}
	pg := &PgStore{
		DB:           handle,
		sessionCache: map[string]*Session{},
	}
	return pg
}

// GetSession returns the session with the given id and true, or nil and
// false when it cannot be loaded.
//
// The in-process cache is consulted first and a hit is returned without
// querying the database. A session row removed from the database by any
// path other than DeleteSession on this PgStore therefore stays valid here
// for as long as the cache entry exists.
//
// Any Scan error, including a database failure, is reported as "not found".
//
// NOTE(review): the cache map is accessed without a lock in this method;
// confirm that callers do not use the store from several goroutines.
func (store *PgStore) GetSession(id string) (*Session, bool) {
	if cached, hit := store.sessionCache[id]; hit {
		return cached, true
	}

	loaded := &Session{}
	scanErr := store.QueryRow(
		"SELECT id, user_id, created_at FROM sessions WHERE id = $1",
		id,
	).Scan(&loaded.Id, &loaded.UserId, &loaded.Created)
	if scanErr != nil {
		return nil, false
	}

	// Remember the row so later lookups skip the database.
	store.sessionCache[loaded.Id] = loaded
	return loaded, true
}

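// NewSession inserts a session row for userId and returns it with the
// database-assigned Id and Created values filled in.
//
// If the INSERT or the Scan fails, the error is logged and the session is
// returned without being cached. Previously the Scan error was discarded and
// the session was cached under whatever Id it held, normally the empty
// string, so a later GetSession("") would have returned that user's session
// from the cache. Callers should treat a returned session with an empty Id
// as a failure.
//
// NOTE(review): the cache map is written without a lock in this method;
// confirm that callers do not use the store from several goroutines.
func (store *PgStore) NewSession(userId int64) *Session {
	s := &Session{UserId: userId}
	err := store.QueryRow(
		"INSERT INTO sessions(user_id) VALUES ($1) RETURNING id, created_at",
		userId,
	).Scan(&s.Id, &s.Created)
	if err != nil {
		// The signature has no error result, so the failure is logged and
		// the session is kept out of the cache.
		log.Printf("NewSession: creating session for user %d: %v", userId, err)
		return s
	}
	store.sessionCache[s.Id] = s
	return s
}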

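// DeleteSession removes the session row with the given id from the database
// and evicts it from the in-process cache.
//
// A failed DELETE is logged instead of being silently dropped. In that case
// the row still exists, and because the cache entry is evicted regardless,
// the next GetSession for this id would load the session again from the
// database. The session id is deliberately kept out of the log message, since
// GetSession accepts it as the sole lookup key.
//
// NOTE(review): the cache map is written without a lock in this method;
// confirm that callers do not use the store from several goroutines.
func (store *PgStore) DeleteSession(id string) {
	if _, err := store.Exec("DELETE FROM sessions WHERE id = $1", id); err != nil {
		log.Printf("DeleteSession: deleting session row: %v", err)
	}
	delete(store.sessionCache, id)
}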

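// ChangePassword writes hash into the password column of the user with the
// given id. The value is stored as given; ValidateUser later expects it in
// the form "<scheme>}<hash>".
//
// A failed UPDATE, or one that matches no row, is logged instead of being
// silently dropped. The signature has no error result, so the caller is not
// told that the old password is still in effect.
//
// NOTE(review): this method does not touch the sessions table or the session
// cache, so sessions created before the change remain usable unless the
// caller removes them. Confirm.
func (store *PgStore) ChangePassword(userId int64, hash []byte) {
	res, err := store.Exec("UPDATE users SET password=$1 WHERE id=$2", hash, userId)
	if err != nil {
		log.Printf("ChangePassword: updating password for user %d: %v", userId, err)
		return
	}
	// Zero affected rows means the id matched no user and nothing changed.
	if n, err := res.RowsAffected(); err == nil && n == 0 {
		log.Printf("ChangePassword: no user with id %d, password unchanged", userId)
	}
}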

// GetUser loads the user with the given name and returns it with true, or
// nil and false when the row cannot be read.
//
// The returned User carries the stored password value; callers should not
// expose it. Any Scan error, including a database failure, is reported as
// "not found".
func (store *PgStore) GetUser(name string) (*User, bool) {
	found := User{Name: name}
	scanErr := store.QueryRow(
		"SELECT id, password FROM users WHERE name = $1",
		name,
	).Scan(&found.Id, &found.Password)
	if scanErr != nil {
		return nil, false
	}
	return &found, true
}

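// ValidateUser checks password against the stored credential of the user
// called name and returns the user on success.
//
// The stored value is parsed as "<scheme>}<hash>". A value with no "}" (for
// example an empty or NULL column) is now rejected with the unknown-scheme
// error; previously it caused an index-out-of-range panic.
//
// Errors (the messages are runtime strings and are left unchanged):
//   - "Utilisateur non enregistré" (user not registered): the row could not
//     be read. Any Scan error lands here, including a database failure.
//   - "Unknown password hashing scheme.": the scheme is not handled below or
//     the stored value is malformed.
//   - "Mot de passe incorrect." (incorrect password): the hashes differ.
//
// NOTE(review): the distinct "not registered" and "incorrect password"
// messages let a client tell whether a name exists if they are shown to it
// verbatim. Confirm what the caller displays.
//
// NOTE(review): the only accepted scheme is "PLAIN-MD5", computed by md5hex,
// which is defined outside this block. It is presumably an unsalted hex MD5
// digest, which is too fast for password storage. The scheme prefix gives a
// migration path: add a case for a salted, slow password hash and re-hash on
// the next successful login.
//
// NOTE(review): the original sliced the scheme as z[0][:len(z[0])], which
// copies it unchanged. If stored values use the "{SCHEME}hash" form, the
// leading "{" is not stripped and the scheme never matches. Confirm the
// stored format.
func (store *PgStore) ValidateUser(name string, password string) (*User, error) {
	u := &User{Name: name}
	row := store.QueryRow(
		"SELECT id, password FROM users WHERE name = $1",
		name,
	)
	if err := row.Scan(&u.Id, &u.Password); err != nil {
		return nil, errors.New("Utilisateur non enregistré")
	}

	// Without a "}" separator there is no hash part to compare against.
	parts := bytes.SplitN(u.Password, []byte("}"), 2)
	if len(parts) != 2 {
		return nil, errors.New("Unknown password hashing scheme.")
	}
	scheme, storedHash := string(parts[0]), parts[1]

	var hash []byte
	switch scheme {
	case "PLAIN-MD5":
		hash = md5hex([]byte(password))
	default:
		return nil, errors.New("Unknown password hashing scheme.")
	}

	// Constant-time comparison: timing does not reveal how many leading
	// bytes of the hashes agree.
	if subtle.ConstantTimeCompare(storedHash, hash) != 1 {
		return nil, errors.New("Mot de passe incorrect.")
	}
	return u, nil
}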