diff options
| author | nsfisis <nsfisis@gmail.com> | 2024-07-30 19:05:09 +0900 |
|---|---|---|
| committer | nsfisis <nsfisis@gmail.com> | 2024-07-30 19:05:09 +0900 |
| commit | db0721e9820f399727b933088a276184e9565c9d (patch) | |
| tree | 4cde08ad2fc675bbbfbfab544738fd070293ea74 | |
| parent | 61bf8dc35b82d0afd0263c0b6c37c2cfe5961a19 (diff) | |
| download | iosdc-japan-2024-albatross-db0721e9820f399727b933088a276184e9565c9d.tar.gz iosdc-japan-2024-albatross-db0721e9820f399727b933088a276184e9565c9d.tar.zst iosdc-japan-2024-albatross-db0721e9820f399727b933088a276184e9565c9d.zip | |
feat(backend): implement password-based authentication
| -rw-r--r-- | Makefile | 4 | ||||
| -rw-r--r-- | Makefile.prod | 4 | ||||
| -rw-r--r-- | backend/auth/auth.go | 12 | ||||
| -rw-r--r-- | backend/fixtures/dev.sql | 8 | ||||
| -rw-r--r-- | backend/go.mod | 2 | ||||
| -rw-r--r-- | docs/DEV.md | 2 |
6 files changed, 25 insertions, 7 deletions
@@ -18,6 +18,10 @@ down: logs: ${DOCKER_COMPOSE} logs +.PHONY: logsf +logsf: + ${DOCKER_COMPOSE} logs -f + .PHONY: psql psql: ${DOCKER_COMPOSE} up --wait db diff --git a/Makefile.prod b/Makefile.prod index 05901f0..3d8d078 100644 --- a/Makefile.prod +++ b/Makefile.prod @@ -16,6 +16,10 @@ down: logs: ${DOCKER_COMPOSE} logs +.PHONY: logsf +logsf: + ${DOCKER_COMPOSE} logs -f + .PHONY: psql psql: ${DOCKER_COMPOSE} up --wait db diff --git a/backend/auth/auth.go b/backend/auth/auth.go index 6b358c3..a8b9050 100644 --- a/backend/auth/auth.go +++ b/backend/auth/auth.go @@ -4,6 +4,8 @@ import ( "context" "fmt" + "golang.org/x/crypto/bcrypt" + "github.com/nsfisis/iosdc-2024-albatross/backend/db" ) @@ -12,7 +14,15 @@ func Login(ctx context.Context, queries *db.Queries, username, password string) if err != nil { return 0, err } - if userAuth.AuthType == "bypass" { + if userAuth.AuthType == "password" { + passwordHash := userAuth.PasswordHash + if passwordHash == nil { + panic("inconsistant data") + } + err := bcrypt.CompareHashAndPassword([]byte(*passwordHash), []byte(password)) + if err != nil { + return 0, err + } return int(userAuth.UserID), nil } return 0, fmt.Errorf("not implemented") diff --git a/backend/fixtures/dev.sql b/backend/fixtures/dev.sql index 3549d86..5e47386 100644 --- a/backend/fixtures/dev.sql +++ b/backend/fixtures/dev.sql @@ -6,11 +6,11 @@ VALUES ('c', 'TEST C', NULL, TRUE); INSERT INTO user_auths -(user_id, auth_type) +(user_id, auth_type, password_hash) VALUES - (1, 'bypass'), - (2, 'bypass'), - (3, 'bypass'); + (1, 'password', '$2a$10$5FzjoitnZSFFpIPHEqmnXOQkSKWTLwpR.gqPy50iFg5itOZcqARHq'), + (2, 'password', '$2a$10$4Wl1M4jQs.GwkB4oT32KvuMQtF.EdqKuOc8z8KKOupnuMJRAVk32W'), + (3, 'password', '$2a$10$F/TePpu1pyJRWgn0e6A14.VL9D/17sRxT/2DyZ2Oi4Eg/lR6n7JcK'); INSERT INTO problems (title, description) diff --git a/backend/go.mod b/backend/go.mod index 8cb206d..eba1726 100644 --- a/backend/go.mod +++ b/backend/go.mod @@ -12,6 +12,7 @@ require ( github.com/oapi-codegen/oapi-codegen/v2 v2.3.0 github.com/oapi-codegen/runtime v1.1.1 github.com/sqlc-dev/sqlc v1.26.0 + golang.org/x/crypto v0.23.0 ) require ( @@ -63,7 +64,6 @@ require ( go.uber.org/atomic v1.11.0 // indirect go.uber.org/multierr v1.11.0 // indirect go.uber.org/zap v1.26.0 // indirect - golang.org/x/crypto v0.23.0 // indirect golang.org/x/exp v0.0.0-20231108232855-2478ac86f678 // indirect golang.org/x/mod v0.17.0 // indirect golang.org/x/net v0.25.0 // indirect diff --git a/docs/DEV.md b/docs/DEV.md index c8781fd..6061a1b 100644 --- a/docs/DEV.md +++ b/docs/DEV.md @@ -22,6 +22,6 @@ 1. `make init` 1. `make up` 1. Access to http://localhost:5173. - * User `a`, `b` and `c` can log in with any password. + * User `a`, `b` and `c` can log in with `pass` password. * User `a` and `b` are players. * User `c` is an administrator. |