2024-12-06 21:54:59 +01:00
parent 0170d63ae9
commit 04c6d0e71d
5 changed files with 192 additions and 45 deletions


@@ -71,8 +71,8 @@ type Auth interface {
SendForgotPasswordMail(email string) error
ForgotPassword(token string, newPass string) error
// IsCsrfTokenValid(token string, user *User) bool
// GetCsrfToken(token string, user *User) bool
IsCsrfTokenValid(tokenStr string, userId uuid.UUID) bool
GetCsrfToken(session *Session) (string, error)
}
type AuthImpl struct {
@@ -193,7 +193,7 @@ func (service AuthImpl) SignUp(email string, password string) (*User, error) {
err = service.db.InsertUser(dbUser)
if err != nil {
if err == db.ErrUserExists {
if err == db.ErrAlreadyExists {
return nil, ErrAccountExists
} else {
return nil, types.ErrInternal
@@ -222,7 +222,7 @@ func (service AuthImpl) SendVerificationMail(userId uuid.UUID, email string) {
return
}
token = db.NewToken(userId, newTokenStr, db.TokenTypeEmailVerify, service.clock.Now(), service.clock.Now().Add(24*time.Hour))
token = db.NewToken(userId, "", newTokenStr, db.TokenTypeEmailVerify, service.clock.Now(), service.clock.Now().Add(24*time.Hour))
err = service.db.InsertToken(token)
if err != nil {
@@ -343,7 +343,7 @@ func (service AuthImpl) SendForgotPasswordMail(email string) error {
}
}
token := db.NewToken(user.Id, tokenStr, db.TokenTypePasswordReset, service.clock.Now(), service.clock.Now().Add(15*time.Minute))
token := db.NewToken(user.Id, "", tokenStr, db.TokenTypePasswordReset, service.clock.Now(), service.clock.Now().Add(15*time.Minute))
err = service.db.InsertToken(token)
if err != nil {
@@ -394,6 +394,43 @@ func (service AuthImpl) ForgotPassword(tokenStr string, newPass string) error {
return nil
}
func (service AuthImpl) IsCsrfTokenValid(tokenStr string, userId uuid.UUID) bool {
token, err := service.db.GetToken(tokenStr)
if err != nil {
return false
}
if token.Type != db.TokenTypeCsrf ||
token.UserId != userId ||
token.ExpiresAt.Before(service.clock.Now()) {
return false
}
return true
}
func (service AuthImpl) GetCsrfToken(session *Session) (string, error) {
tokens, _ := service.db.GetTokensBySessionIdAndType(session.Id, db.TokenTypeCsrf)
if len(tokens) > 0 {
return tokens[0].Token, nil
}
tokenStr, err := service.random.String(32)
if err != nil {
return "", types.ErrInternal
}
token := db.NewToken(uuid.Nil, session.Id, tokenStr, db.TokenTypeCsrf, service.clock.Now(), service.clock.Now().Add(24*time.Hour))
err = service.db.InsertToken(token)
if err != nil {
return "", types.ErrInternal
}
return tokenStr, nil
}
func GetHashPassword(password string, salt []byte) []byte {
return argon2.IDKey([]byte(password), salt, 1, 64*1024, 1, 16)
}
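Review bot: `IsCsrfTokenValid` compares `token.UserId` with the caller's `userId`, but `GetCsrfToken` stores every CSRF token with `uuid.Nil` as the user and binds it only to `session.Id`, so the two new methods disagree on what a token belongs to. As written the check can only pass when the caller supplies `uuid.Nil`, and in that case it would accept a CSRF token issued to any session, which removes the per-session binding; the callers are not on this page, so this is inferred from the two method bodies alone. Validation should take the session instead, e.g. `IsCsrfTokenValid(tokenStr string, session *Session) bool`, with the `token.UserId != userId` clause replaced by a comparison of the token's stored session id against `session.Id` (the field name on the token type is not visible here). Separately, `GetCsrfToken` discards the error from `GetTokensBySessionIdAndType` and returns `tokens[0].Token` without checking `ExpiresAt`, so unless that query already filters expired rows, a session can be handed a token that validation then rejects.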