diff options
Diffstat (limited to 'backend')
| -rw-r--r-- | backend/auth/auth.go | 12 | ||||
| -rw-r--r-- | backend/fixtures/dev.sql | 8 | ||||
| -rw-r--r-- | backend/go.mod | 2 |
3 files changed, 16 insertions, 6 deletions
diff --git a/backend/auth/auth.go b/backend/auth/auth.go index 6b358c3..a8b9050 100644 --- a/backend/auth/auth.go +++ b/backend/auth/auth.go @@ -4,6 +4,8 @@ import ( "context" "fmt" + "golang.org/x/crypto/bcrypt" + "github.com/nsfisis/iosdc-2024-albatross/backend/db" ) @@ -12,7 +14,15 @@ func Login(ctx context.Context, queries *db.Queries, username, password string) if err != nil { return 0, err } - if userAuth.AuthType == "bypass" { + if userAuth.AuthType == "password" { + passwordHash := userAuth.PasswordHash + if passwordHash == nil { + panic("inconsistant data") + } + err := bcrypt.CompareHashAndPassword([]byte(*passwordHash), []byte(password)) + if err != nil { + return 0, err + } return int(userAuth.UserID), nil } return 0, fmt.Errorf("not implemented") diff --git a/backend/fixtures/dev.sql b/backend/fixtures/dev.sql index 3549d86..5e47386 100644 --- a/backend/fixtures/dev.sql +++ b/backend/fixtures/dev.sql @@ -6,11 +6,11 @@ VALUES ('c', 'TEST C', NULL, TRUE); INSERT INTO user_auths -(user_id, auth_type) +(user_id, auth_type, password_hash) VALUES - (1, 'bypass'), - (2, 'bypass'), - (3, 'bypass'); + (1, 'password', '$2a$10$5FzjoitnZSFFpIPHEqmnXOQkSKWTLwpR.gqPy50iFg5itOZcqARHq'), + (2, 'password', '$2a$10$4Wl1M4jQs.GwkB4oT32KvuMQtF.EdqKuOc8z8KKOupnuMJRAVk32W'), + (3, 'password', '$2a$10$F/TePpu1pyJRWgn0e6A14.VL9D/17sRxT/2DyZ2Oi4Eg/lR6n7JcK'); INSERT INTO problems (title, description) diff --git a/backend/go.mod b/backend/go.mod index 8cb206d..eba1726 100644 --- a/backend/go.mod +++ b/backend/go.mod @@ -12,6 +12,7 @@ require ( github.com/oapi-codegen/oapi-codegen/v2 v2.3.0 github.com/oapi-codegen/runtime v1.1.1 github.com/sqlc-dev/sqlc v1.26.0 + golang.org/x/crypto v0.23.0 ) require ( @@ -63,7 +64,6 @@ require ( go.uber.org/atomic v1.11.0 // indirect go.uber.org/multierr v1.11.0 // indirect go.uber.org/zap v1.26.0 // indirect - golang.org/x/crypto v0.23.0 // indirect golang.org/x/exp v0.0.0-20231108232855-2478ac86f678 // indirect golang.org/x/mod v0.17.0 // indirect golang.org/x/net v0.25.0 // indirect |