
Update bookings SaveSettings page to bcrypt

1 parent 48c46d2 commit c6c8b765064c3ed19e5d2acc5452523f9ee930b5 @robfig robfig committed Oct 1, 2012
@@ -1,6 +1,7 @@
package controllers
import (
+ "code.google.com/p/go.crypto/bcrypt"
"database/sql"
"fmt"
"github.com/robfig/revel"
@@ -124,17 +125,21 @@ func (c Hotels) Settings() rev.Result {
}
func (c Hotels) SaveSettings(password, verifyPassword string) rev.Result {
- user := connected(c.Controller)
- user.Password = password
- user.Validate(c.Validation)
- c.Validation.Required(verifyPassword).Message("VerifyPassword is required")
- c.Validation.Required(password == verifyPassword).Message("Your password doesn't match")
+ models.ValidatePassword(c.Validation, password).Key("password")
+ c.Validation.Required(verifyPassword).
+ Key("verifyPassword").
+ Message("Please verify your password")
+ c.Validation.Required(password == verifyPassword).
+ Key("verifyPassword").
+ Message("Your password doesn't match")
if c.Validation.HasErrors() {
c.Validation.Keep()
return c.Redirect(Hotels.Settings)
}
- _, err := c.Txn.Exec("update User set Password = ? where UserId = ?",
- password, user.UserId)
+
+ bcryptPassword, _ := bcrypt.GenerateFromPassword([]byte(password), bcrypt.DefaultCost)
+ _, err := c.Txn.Exec("update User set HashedPassword = ? where UserId = ?",
+ bcryptPassword, connected(c.Controller).UserId)
if err != nil {
panic(err)
}
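Review bot: The error from `bcrypt.GenerateFromPassword` is discarded with `_`, so if hashing ever fails the update that follows would store a nil hash for the user and the request would still proceed as if the password had been changed. Check it before the Exec, the same way the Exec error is handled: `bcryptPassword, err := bcrypt.GenerateFromPassword([]byte(password), bcrypt.DefaultCost)`, then `if err != nil { panic(err) }`, and change the next statement to `_, err = c.Txn.Exec(...)`. SaveSettings continues past the end of this hunk.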
@@ -26,14 +26,18 @@ func (u *User) Validate(v *rev.Validation) {
rev.Match{userRegex},
).Key("user.Username")
- v.Check(u.Password,
- rev.Required{},
- rev.MaxSize{15},
- rev.MinSize{5},
- ).Key("user.Password")
+ ValidatePassword(v, u.Password).Key("user.Password")
v.Check(u.Name,
rev.Required{},
rev.MaxSize{100},
).Key("user.Name")
}
+
+func ValidatePassword(v *rev.Validation, password string) *rev.ValidationResult {
+ return v.Check(password,
+ rev.Required{},
+ rev.MaxSize{15},
+ rev.MinSize{5},
+ )
+}
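Review bot: `rev.MaxSize{15}` in ValidatePassword is carried over unchanged from the old check, so passwords are still capped at 15 characters even though the stored value is now a fixed-length bcrypt hash and bcrypt accepts input up to 72 bytes. Consider raising the cap, e.g. `rev.MaxSize{72}` if MaxSize counts bytes (not visible here), and revisiting `rev.MinSize{5}` against the project's password policy. The new exported function also lacks a doc comment; `// ValidatePassword applies the shared password rules and returns the result so the caller can set its Key.` would cover it.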
@@ -4,17 +4,17 @@
<h1>Change your password</h1>
<form method="POST" action="{{url "Hotels.SaveSettings"}}">
- {{with $field := field "connected.Password" .}}
+ {{with $field := field "password" .}}
<p class="{{$field.ErrorClass}}">
<strong>Password:</strong>
- <input type="password" name="Password" size="16" value="{{.connected.Password}}"> *
+ <input type="password" name="{{$field.Name}}" size="16"> *
<span class="error">{{$field.Error}}</span>
</p>
{{end}}
{{with $field := field "verifyPassword" .}}
<p class="{{$field.ErrorClass}}">
<strong>Verify password:</strong>
- <input type="password" name="{{$field.Name}}" size="16" value="{{.verifyPassword}}"> *
+ <input type="password" name="{{$field.Name}}" size="16"> *
<span class="error">{{$field.Error}}</span>
</p>
{{end}}
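Review bot: The form posts only `password` and `verifyPassword`, and SaveSettings accepts only those two parameters, so the password can be changed without proving knowledge of the current one. Any request carrying the user's session (an unattended browser, or a cross-site POST if the framework adds no CSRF token, which is not visible here) would be enough to replace the credential. Consider adding a field such as `<input type="password" name="currentPassword" size="16">` and having the handler verify it with `bcrypt.CompareHashAndPassword` against the stored hash before running the update. The form's closing tag is outside this hunk.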
