fix: limit hash size
This commit is contained in:
parent
5af1a98b49
commit
717ed1f330
2 changed files with 54 additions and 27 deletions
|
@ -40,8 +40,8 @@ const (
|
||||||
type User struct {
|
type User struct {
|
||||||
Id int32 `db:"id"`
|
Id int32 `db:"id"`
|
||||||
|
|
||||||
Username string `db:"username"`
|
Username string `db:"username"`
|
||||||
HashedPassword []byte `db:"hashed_password"`
|
HashedPassword [60]byte `db:"hashed_pwd"`
|
||||||
|
|
||||||
Email *string `db:"email"`
|
Email *string `db:"email"`
|
||||||
|
|
||||||
|
@ -51,24 +51,28 @@ type User struct {
|
||||||
Role int32 `db:"role"`
|
Role int32 `db:"role"`
|
||||||
}
|
}
|
||||||
|
|
||||||
func (hashedUser *User) IsAdmin() bool {
|
func (user *User) IsAdmin() bool {
|
||||||
return lib.IsAdmin(hashedUser.Role)
|
return lib.IsAdmin(user.Role)
|
||||||
}
|
}
|
||||||
|
|
||||||
func (hashedUser *User) IsModerator() bool {
|
func (user *User) IsModerator() bool {
|
||||||
return lib.IsModerator(hashedUser.Role)
|
return lib.IsModerator(user.Role)
|
||||||
}
|
}
|
||||||
|
|
||||||
func (hashedUser *User) IsParticipant() bool {
|
func (user *User) IsParticipant() bool {
|
||||||
return lib.IsParticipant(hashedUser.Role)
|
return lib.IsParticipant(user.Role)
|
||||||
}
|
}
|
||||||
|
|
||||||
func (hashedUser *User) IsSpectator() bool {
|
func (user *User) IsSpectator() bool {
|
||||||
return lib.IsSpectator(hashedUser.Role)
|
return lib.IsSpectator(user.Role)
|
||||||
}
|
}
|
||||||
|
|
||||||
func (hashedUser *User) ComparePassword(password string) error {
|
func (user *User) AtLeast(role int32) bool {
|
||||||
if bcrypt.CompareHashAndPassword(hashedUser.HashedPassword, []byte(password)) != nil {
|
return user.Role >= role
|
||||||
|
}
|
||||||
|
|
||||||
|
func (user *User) ComparePassword(password string) error {
|
||||||
|
if bcrypt.CompareHashAndPassword(user.HashedPassword[:], []byte(password)) != nil {
|
||||||
return lib.ErrBadHandleOrPassword
|
return lib.ErrBadHandleOrPassword
|
||||||
}
|
}
|
||||||
return nil
|
return nil
|
||||||
|
@ -123,12 +127,12 @@ func (storage *PostgresqlStorage) CreateUser(
|
||||||
|
|
||||||
query := storage.db.Rebind(`
|
query := storage.db.Rebind(`
|
||||||
INSERT INTO users
|
INSERT INTO users
|
||||||
(username, hashed_password, email, expires_at, created_at, role)
|
(username, hashed_pwd, email, expires_at, role)
|
||||||
VALUES (?, ?, ?, ?, ?, ?)
|
VALUES (?, ?, ?, ?, ?)
|
||||||
RETURNING id
|
RETURNING id
|
||||||
`)
|
`)
|
||||||
|
|
||||||
rows, err := storage.db.QueryxContext(ctx, query, username, hashedPassword, email, expiresAt, now, role)
|
rows, err := storage.db.QueryxContext(ctx, query, username, hashedPassword, email, expiresAt, role)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, storage.handlePgErr(err)
|
return nil, storage.handlePgErr(err)
|
||||||
}
|
}
|
||||||
|
@ -227,7 +231,7 @@ func (storage *PostgresqlStorage) UpdateUser(
|
||||||
query := storage.db.Rebind(`
|
query := storage.db.Rebind(`
|
||||||
UPDATE users
|
UPDATE users
|
||||||
SET username = COALESCE(?, username),
|
SET username = COALESCE(?, username),
|
||||||
hashed_password = COALESCE(?, hashed_password),
|
hashed_pwd = COALESCE(?, hashed_pwd),
|
||||||
email = COALESCE(?, email),
|
email = COALESCE(?, email),
|
||||||
expires_at = COALESCE(?, expires_at),
|
expires_at = COALESCE(?, expires_at),
|
||||||
role = COALESCE(?, role)
|
role = COALESCE(?, role)
|
||||||
|
|
|
@ -1,20 +1,43 @@
|
||||||
-- +goose Up
|
-- +goose Up
|
||||||
CREATE TABLE IF NOT EXISTS users (
|
-- +goose StatementBegin
|
||||||
id serial NOT NULL,
|
CREATE TABLE IF NOT EXISTS users
|
||||||
username VARCHAR(70) UNIQUE NOT NULL CHECK (length(username) != 0 AND username = lower(username)),
|
(
|
||||||
hashed_password BYTEA NOT NULL CHECK (length(hashed_password) != 0),
|
id serial NOT NULL,
|
||||||
email VARCHAR(70) UNIQUE CHECK (length(email) != 0 AND email = lower(email)),
|
username VARCHAR(70) UNIQUE NOT NULL,
|
||||||
expires_at TIMESTAMP NOT NULL,
|
hashed_pwd VARCHAR(60) NOT NULL,
|
||||||
created_at TIMESTAMP NOT NULL,
|
email VARCHAR(70) UNIQUE,
|
||||||
role INT NOT NULL CHECK (role BETWEEN 0 AND 3),
|
role INT NOT NULL,
|
||||||
PRIMARY KEY (id)
|
expires_at TIMESTAMPTZ NOT NULL DEFAULT NOW(),
|
||||||
|
created_at TIMESTAMPTZ NOT NULL DEFAULT NOW(),
|
||||||
|
updated_at TIMESTAMPTZ NOT NULL DEFAULT NOW(),
|
||||||
|
|
||||||
|
PRIMARY KEY (id),
|
||||||
|
CHECK (length(username) != 0 AND username = lower(username)),
|
||||||
|
CHECK (length(email) != 0 AND email = lower(email)),
|
||||||
|
CHECK (lower(username) != lower(email)),
|
||||||
|
CHECK (length(hashed_pwd) != 0),
|
||||||
|
CHECK (role BETWEEN 0 AND 3)
|
||||||
);
|
);
|
||||||
|
|
||||||
CREATE INDEX ON users (id);
|
CREATE INDEX ON users (id);
|
||||||
|
|
||||||
CREATE INDEX ON users (username);
|
CREATE INDEX ON users (username);
|
||||||
|
|
||||||
CREATE INDEX ON users (email);
|
CREATE INDEX ON users (email);
|
||||||
|
|
||||||
|
CREATE FUNCTION usr_upd_trg_fn() RETURNS TRIGGER
|
||||||
|
LANGUAGE plpgsql AS
|
||||||
|
$$
|
||||||
|
BEGIN
|
||||||
|
NEW.updated_at = NOW();
|
||||||
|
RETURN NEW;
|
||||||
|
END;
|
||||||
|
$$;
|
||||||
|
|
||||||
|
CREATE TRIGGER usr_upd_trg
|
||||||
|
BEFORE UPDATE
|
||||||
|
ON users
|
||||||
|
FOR EACH ROW
|
||||||
|
EXECUTE PROCEDURE usr_upd_trg_fn();
|
||||||
|
-- +goose StatementEnd
|
||||||
|
|
||||||
-- +goose Down
|
-- +goose Down
|
||||||
DROP TABLE IF EXISTS users;
|
DROP TABLE IF EXISTS users;
|
Loading…
Reference in a new issue