This repository has been archived by the owner on Jun 12, 2021. It is now read-only.
/
admin.go
85 lines (71 loc) · 2.31 KB
/
admin.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
package lib
import (
"database/sql"
"github.com/op/go-logging"
"golang.org/x/crypto/bcrypt"
)
// Contains the current password hash.
type Admin struct {
password []byte
}
// Init an Admin-struct.
// Creates an Admin user if there is none.
func (a *Admin) Init() {
if !a.LoadPassword() {
a.Add()
}
}
// Validates the entered password.
// Returns true, if the password matched the stored hash and false, if not.
func (a *Admin) ValidatePassword(userInput string) bool {
a.LoadPassword()
err := bcrypt.CompareHashAndPassword(a.password, []byte(userInput))
if err != nil {
logging.MustGetLogger("").Warning("Invalid Password: ", err)
return false
}
logging.MustGetLogger("").Info("Login successful.")
return true
}
// Loads the current password hash into the Admin-struct.
// Returns true, if there was a password hash in the database or false, if not.
func (a *Admin) LoadPassword() bool {
var value []byte
err := db.QueryRow("SELECT value FROM settings WHERE name = 'password';").Scan(&value)
switch {
case err == sql.ErrNoRows:
logging.MustGetLogger("").Warning("No Admin-Password found.")
return false
case err != nil:
logging.MustGetLogger("").Error("Error while checking for Admin-Password: ", err)
return false
default:
a.password = value
}
logging.MustGetLogger("").Debug("Existing Admin-Password found.")
return true
}
// Changes the current password to the given one.
// Returns an error (if there was one).
func (a *Admin) ChangePassword(userInput string) error {
logging.MustGetLogger("").Debug("Changing Admin-Password...")
clearPassword := []byte(userInput)
passwordHash, err := bcrypt.GenerateFromPassword(clearPassword, 12)
_, err = db.Exec("UPDATE settings SET value = ? WHERE name = 'password';", passwordHash)
if err != nil {
logging.MustGetLogger("").Error("Unable to update Admin-Password: ", err)
}
a.password = passwordHash
return err
}
// Adds a new admin user to the database.
func (a *Admin) Add() {
logging.MustGetLogger("").Info("Adding default Admin...")
clearPassword := []byte("admin")
passwordHash, err := bcrypt.GenerateFromPassword(clearPassword, 12)
_, err = db.Exec("INSERT INTO settings (name, value) VALUES ('password', ?);", passwordHash)
if err != nil {
logging.MustGetLogger("").Fatal("Unable to insert Admin-Password: ", err)
}
a.password = passwordHash
}