mirror of
https://github.com/gmemstr/pogo.git
synced 2024-09-19 17:21:10 +01:00
Add password hashing to loginHandler
Will create user management page for admins soon as well. This will be fine for the time being though -> https://www.dailycred.com/article/bcrypt-calculator for generating hashes.
This commit is contained in:
parent
ef80d2bc20
commit
84992b73eb
1
.gitignore
vendored
1
.gitignore
vendored
|
@ -22,3 +22,4 @@ feed\.rss
|
|||
assets/static/custom\.css
|
||||
|
||||
config\.json
|
||||
vendor/
|
||||
|
|
8
Godeps/Godeps.json
generated
8
Godeps/Godeps.json
generated
|
@ -17,6 +17,14 @@
|
|||
"Comment": "v1.4.0-10-g18fca31",
|
||||
"Rev": "18fca31550181693b3a834a15b74b564b3605876"
|
||||
},
|
||||
{
|
||||
"ImportPath": "golang.org/x/crypto/bcrypt",
|
||||
"Rev": "9419663f5a44be8b34ca85f08abc5fe1be11f8a3"
|
||||
},
|
||||
{
|
||||
"ImportPath": "golang.org/x/crypto/blowfish",
|
||||
"Rev": "9419663f5a44be8b34ca85f08abc5fe1be11f8a3"
|
||||
},
|
||||
{
|
||||
"ImportPath": "golang.org/x/sys/unix",
|
||||
"Rev": "0b25a408a50076fbbcae6b7ac0ea5fbb0b085e79"
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
{
|
||||
"admin": "password1",
|
||||
"gabriel": "password"
|
||||
"admin": "$2a$04$ZAf88Bao4Q768vKfCaKBlOqtPumwKwFhrcpBCdfMWWFX69wyhgTqi",
|
||||
"gabriel": "$2a$04$KrhZ1q6FpOGqs0FVKMYhQ.BTYeVXztnjrM9RbK.0buI1OHfmyNEAy"
|
||||
}
|
|
@ -7,6 +7,7 @@ import (
|
|||
"log"
|
||||
"net/http"
|
||||
"strings"
|
||||
"golang.org/x/crypto/bcrypt"
|
||||
|
||||
"github.com/gorilla/mux"
|
||||
"github.com/gmemstr/pogo/admin"
|
||||
|
@ -146,7 +147,7 @@ func loginHandler() common.Handler {
|
|||
|
||||
// Iterate through map until we find matching username
|
||||
for k, v := range u {
|
||||
if k == username && v == password {
|
||||
if k == username && bcrypt.CompareHashAndPassword([]byte(v), []byte(password)) == nil {
|
||||
// Create a cookie here because the credentials are correct
|
||||
c, err := auth.CreateSession(&common.User{
|
||||
Username: k,
|
||||
|
|
Loading…
Reference in a new issue