fix: create RandomGenerator interface and struct for testing purpose #181

2024-10-05 13:49:43 +02:00
parent d36f880a01
commit 6b033e2c2e
6 changed files with 125 additions and 55 deletions
--- a/service/auth.go
+++ b/service/auth.go
@@ -2,7 +2,6 @@ package service

 import (
 	"context"
-	"crypto/rand"
 	"crypto/subtle"
 	"database/sql"
 	"errors"
@@ -26,10 +25,10 @@ import (
 )

 var (
-	ErrInvaidCredentials  = errors.New("Invalid email or password")
-	ErrPasswordComplexity = errors.New("Password needs to be 8 characters long, contain at least one number, one special, one uppercase and one lowercase character")
-	ErrInvalidEmail       = errors.New("Invalid email")
-	ErrAccountExists      = errors.New("Account already exists")
+	ErrInvaidCredentials = errors.New("Invalid email or password")
+	ErrInvalidPassword   = errors.New("Password needs to be 8 characters long, contain at least one number, one special, one uppercase and one lowercase character")
+	ErrInvalidEmail      = errors.New("Invalid email")
+	ErrAccountExists     = errors.New("Account already exists")
 )

 type User struct {
@@ -53,16 +52,18 @@ type ServiceAuth interface {
 }

 type ServiceAuthImpl struct {
-	dbAuth         db.DbAuth
-	serverSettings *types.ServerSettings
-	mailService    MailService
+	dbAuth          db.DbAuth
+	randomGenerator RandomGenerator
+	serverSettings  *types.ServerSettings
+	mailService     MailService
 }

-func NewServiceAuthImpl(dbAuth db.DbAuth, serverSettings *types.ServerSettings) *ServiceAuthImpl {
+func NewServiceAuthImpl(dbAuth db.DbAuth, randomGenerator RandomGenerator, serverSettings *types.ServerSettings) *ServiceAuthImpl {
 	return &ServiceAuthImpl{
-		dbAuth:         dbAuth,
-		serverSettings: serverSettings,
-		mailService:    NewMailService(serverSettings),
+		dbAuth:          dbAuth,
+		randomGenerator: randomGenerator,
+		serverSettings:  serverSettings,
+		mailService:     NewMailService(serverSettings),
 	}
 }

@@ -91,9 +92,8 @@ func (service ServiceAuthImpl) SignUp(email string, password string) (*User, err
 		return nil, ErrInvalidEmail
 	}

-	err = checkPassword(password)
-	if err != nil {
-		return nil, err
+	if !isPasswordValid(password) {
+		return nil, ErrInvalidPassword
 	}

 	userId, err := uuid.NewRandom()
@@ -102,10 +102,8 @@ func (service ServiceAuthImpl) SignUp(email string, password string) (*User, err
 		return nil, types.ErrInternal
 	}

-	salt := make([]byte, 16)
-	_, err = rand.Read(salt)
+	salt, err := service.randomGenerator.Bytes(16)
 	if err != nil {
-		utils.LogError("Could not generate salt", err)
 		return nil, types.ErrInternal
 	}

@@ -134,9 +132,8 @@ func (service ServiceAuthImpl) SendVerificationMail(user *User) {
 	}

 	if token == "" {
-		token, err := utils.RandomToken()
+		token, err := service.randomGenerator.String(32)
 		if err != nil {
-			utils.LogError("Could not generate token", err)
 			return
 		}

@@ -407,9 +404,8 @@ func HandleChangePasswordComp(db *sql.DB) http.HandlerFunc {
 		currPass := r.FormValue("current-password")
 		newPass := r.FormValue("new-password")

-		err := checkPassword(newPass)
-		if err != nil {
-			utils.TriggerToast(w, r, "error", err.Error())
+		if !isPasswordValid(newPass) {
+			utils.TriggerToast(w, r, "error", ErrInvalidPassword.Error())
 			return
 		}

@@ -423,7 +419,7 @@ func HandleChangePasswordComp(db *sql.DB) http.HandlerFunc {
 			salt       []byte
 		)

-		err = db.QueryRow("SELECT password, salt FROM user WHERE user_uuid = ?", user.Id).Scan(&storedHash, &salt)
+		err := db.QueryRow("SELECT password, salt FROM user WHERE user_uuid = ?", user.Id).Scan(&storedHash, &salt)
 		if err != nil {
 			utils.LogError("Could not get password", err)
 			utils.TriggerToast(w, r, "error", "Internal Server Error")
@@ -467,9 +463,8 @@ func HandleActualResetPasswordComp(db *sql.DB) http.HandlerFunc {

 		newPass := r.FormValue("new-password")

-		err = checkPassword(newPass)
-		if err != nil {
-			utils.TriggerToast(w, r, "error", err.Error())
+		if !isPasswordValid(newPass) {
+			utils.TriggerToast(w, r, "error", ErrInvalidPassword.Error())
 			return
 		}

@@ -511,6 +506,7 @@ func HandleActualResetPasswordComp(db *sql.DB) http.HandlerFunc {
 		utils.TriggerToast(w, r, "success", "Password changed")
 	}
 }
+
 func HandleResetPasswordComp(db *sql.DB, serverSettings *types.ServerSettings) http.HandlerFunc {
 	mailService := NewMailService(serverSettings)
 	return func(w http.ResponseWriter, r *http.Request) {
@@ -521,9 +517,8 @@ func HandleResetPasswordComp(db *sql.DB, serverSettings *types.ServerSettings) h
 			return
 		}

-		token, err := utils.RandomToken()
+		token, err := NewRandomGeneratorImpl().String(32)
 		if err != nil {
-			utils.LogError("Could not generate token", err)
 			return
 		}

@@ -562,9 +557,8 @@ func HandleResetPasswordComp(db *sql.DB, serverSettings *types.ServerSettings) h
 }

 func TryCreateSessionAndSetCookie(r *http.Request, w http.ResponseWriter, db *sql.DB, user_uuid uuid.UUID) error {
-	sessionId, err := utils.RandomToken()
+	sessionId, err := NewRandomGeneratorImpl().String(32)
 	if err != nil {
-		utils.LogError("Could not generate session ID", err)
 		return types.ErrInternal
 	}

@@ -599,15 +593,15 @@ func GetHashPassword(password string, salt []byte) []byte {
 	return argon2.IDKey([]byte(password), salt, 1, 64*1024, 1, 16)
 }

-func checkPassword(password string) error {
+func isPasswordValid(password string) bool {

 	if len(password) < 8 ||
 		!strings.ContainsAny(password, "0123456789") ||
 		!strings.ContainsAny(password, "ABCDEFGHIJKLMNOPQRSTUVWXYZ") ||
 		!strings.ContainsAny(password, "abcdefghijklmnopqrstuvwxyz") ||
 		!strings.ContainsAny(password, "!@#$%^&*()_+-=[]{}\\|;:'\",.<>/?") {
-		return ErrPasswordComplexity
+		return false
 	} else {
-		return nil
+		return true
 	}
 }