can check hashed passwords

master
Jordan Orelli 5 years ago
parent 01b6315b99
commit c8a5e5089f

@ -49,6 +49,32 @@ func (db *SQLite) CreateUser(name, pass, salt string) error {
}
func (db *SQLite) CheckPassword(name, pass string) error {
rows, err := db.db.Query(`
select phash, psalt from users where name = ?;
`, name)
if err != nil {
return fmt.Errorf("failed to fetch row for user %s: %v", name, err)
}
defer rows.Close()
scannedRows := 0
for rows.Next() {
var (
dbhash string
dbsalt string
)
if err := rows.Scan(&dbhash, &dbsalt); err != nil {
return fmt.Errorf("failed to scan row: %v", err)
}
scannedRows++
if err := bcrypt.CompareHashAndPassword([]byte(dbhash), []byte(pass+dbsalt)); err != nil {
return fmt.Errorf("failed hash match: %v", err)
}
}
if scannedRows == 0 {
return fmt.Errorf("no such user")
}
return nil
}

@ -78,6 +78,20 @@ func runUserCreate(cmd *cobra.Command, args []string) {
fmt.Printf("created:\n\tuser:\t%s\n\tpass:\t%s\n", user, pass)
}
func runUserCheckPassword(cmd *cobra.Command, args []string) {
conn, err := db.OpenSQLite(cmd.Flag("db").Value.String())
if err != nil {
fmt.Fprintf(os.Stderr, "unable to open sqlite database: %v\n", err)
}
defer conn.Close()
user := args[0]
pass := args[1]
if err := conn.CheckPassword(user, pass); err != nil {
fmt.Fprintf(os.Stderr, "failed password check: %v\n", err)
}
}
func main() {
cmd := &cobra.Command{
Use: "kloam",
@ -106,5 +120,13 @@ func main() {
}
user.AddCommand(userCreate)
userCheckPassword := &cobra.Command{
Use: "check-password",
Short: "checks a users password",
Args: cobra.ExactArgs(2),
Run: runUserCheckPassword,
}
user.AddCommand(userCheckPassword)
cmd.Execute()
}

Loading…
Cancel
Save