-
Notifications
You must be signed in to change notification settings - Fork 4
/
user.go
112 lines (102 loc) · 2.37 KB
/
user.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
package userDao
import (
"encoding/json"
"fmt"
"time"
"github.com/seccom/kpass/app/dao"
"github.com/seccom/kpass/app/pkg"
"github.com/teambition/gear"
"github.com/tidwall/buntdb"
)
// CheckID ...
func CheckID(id string) error {
if len(id) < 3 {
return &gear.Error{Code: 400, Msg: fmt.Sprintf(`invalid user id "%s"`, id)}
}
err := dao.DB.View(func(tx *buntdb.Tx) error {
if _, e := tx.Get(dao.UserKey(id)); e == nil {
return &gear.Error{Code: 409, Msg: fmt.Sprintf(`user "%s" exists`, id)}
}
return nil
})
return dao.DBError(err)
}
// CheckLogin ...
func CheckLogin(id, pass string) (user *dao.User, err error) {
err = dao.DB.Update(func(tx *buntdb.Tx) error {
userKey := dao.UserKey(id)
value, e := tx.Get(userKey)
if e != nil {
return e
}
user, e = dao.UserFrom(value)
if e != nil {
return e
}
if user.IsBlocked || user.Attempt > 5 {
return &gear.Error{Code: 403, Msg: "too many login attempts"}
}
if !pkg.Auth.ValidateUserPass(id, pass, user.Pass) {
user.Attempt++
tx.Set(userKey, user.String(), nil)
tx.Commit()
return &gear.Error{Code: 400, Msg: "user id or password error"}
}
if user.Attempt > 0 {
user.Attempt = 0
tx.Set(userKey, user.String(), nil)
}
return nil
})
if err != nil {
return nil, dao.DBError(err)
}
return
}
// Create ...
func Create(userID, pass string) (user *dao.User, err error) {
err = dao.DB.Update(func(tx *buntdb.Tx) error {
userKey := dao.UserKey(userID)
_, e := tx.Get(userKey)
if e == nil {
return &gear.Error{Code: 409, Msg: fmt.Sprintf(`user "%s" exists`, userID)}
}
user = &dao.User{
ID: userID,
Pass: pkg.Auth.EncryptUserPass(userID, pass),
IsBlocked: false,
Created: time.Now(),
}
user.Updated = user.Created
_, _, e = tx.Set(userKey, user.String(), nil)
return e
})
if err != nil {
return nil, dao.DBError(err)
}
return
}
// Find ...
func Find(id string) (user *dao.User, err error) {
err = dao.DB.View(func(tx *buntdb.Tx) error {
res, e := tx.Get(dao.UserKey(id))
if e == nil {
e = json.Unmarshal([]byte(res), user)
}
return e
})
if err != nil {
user = nil
err = dao.DBError(err)
}
return
}
// Update ...
func Update(user *dao.User) error {
err := dao.DB.Update(func(tx *buntdb.Tx) error {
user.Updated = time.Now()
_, _, e := tx.Set(dao.UserKey(user.ID), user.String(), nil)
return e
})
return dao.DBError(err)
}