From 7c356fa407a38cb1e549247fa5782ab9c9e1aec4 Mon Sep 17 00:00:00 2001 From: Henry Date: Wed, 12 May 2021 14:41:47 +0200 Subject: [PATCH] change []byte password to string --- roomdb/interface.go | 4 +-- roomdb/mockdb/auth_fallback.go | 42 +++++++++++------------------ roomdb/sqlite/auth_fallback.go | 8 +++--- roomdb/sqlite/auth_fallback_test.go | 10 +++---- web/handlers/members_password.go | 4 +-- 5 files changed, 29 insertions(+), 39 deletions(-) diff --git a/roomdb/interface.go b/roomdb/interface.go index 6e083cec..92f89409 100644 --- a/roomdb/interface.go +++ b/roomdb/interface.go @@ -34,13 +34,13 @@ type AuthFallbackService interface { auth.Auther // SetPassword creates or updates a fallback login password for this user. - SetPassword(_ context.Context, memberID int64, password []byte) error + SetPassword(_ context.Context, memberID int64, password string) error // CreateResetToken returns a token which can be used via SetPasswordWithToken() to reset the password of a member. CreateResetToken(_ context.Context, createdByMember, forMember int64) (string, error) // SetPasswordWithToken consumes a token created with CreateResetToken() and updates the password for that member accordingly. - SetPasswordWithToken(_ context.Context, resetToken string, password []byte) error + SetPasswordWithToken(_ context.Context, resetToken string, password string) error } // AuthWithSSBService defines utility functions for the challenge/response system of sign-in with ssb diff --git a/roomdb/mockdb/auth_fallback.go b/roomdb/mockdb/auth_fallback.go index 4e1ff6ab..e52f349c 100644 --- a/roomdb/mockdb/auth_fallback.go +++ b/roomdb/mockdb/auth_fallback.go @@ -38,12 +38,12 @@ type FakeAuthFallbackService struct { result1 string result2 error } - SetPasswordStub func(context.Context, int64, []byte) error + SetPasswordStub func(context.Context, int64, string) error setPasswordMutex sync.RWMutex setPasswordArgsForCall []struct { arg1 context.Context arg2 int64 - arg3 []byte + arg3 string } setPasswordReturns struct { result1 error @@ -51,12 +51,12 @@ type FakeAuthFallbackService struct { setPasswordReturnsOnCall map[int]struct { result1 error } - SetPasswordWithTokenStub func(context.Context, string, []byte) error + SetPasswordWithTokenStub func(context.Context, string, string) error setPasswordWithTokenMutex sync.RWMutex setPasswordWithTokenArgsForCall []struct { arg1 context.Context arg2 string - arg3 []byte + arg3 string } setPasswordWithTokenReturns struct { result1 error @@ -199,22 +199,17 @@ func (fake *FakeAuthFallbackService) CreateResetTokenReturnsOnCall(i int, result }{result1, result2} } -func (fake *FakeAuthFallbackService) SetPassword(arg1 context.Context, arg2 int64, arg3 []byte) error { - var arg3Copy []byte - if arg3 != nil { - arg3Copy = make([]byte, len(arg3)) - copy(arg3Copy, arg3) - } +func (fake *FakeAuthFallbackService) SetPassword(arg1 context.Context, arg2 int64, arg3 string) error { fake.setPasswordMutex.Lock() ret, specificReturn := fake.setPasswordReturnsOnCall[len(fake.setPasswordArgsForCall)] fake.setPasswordArgsForCall = append(fake.setPasswordArgsForCall, struct { arg1 context.Context arg2 int64 - arg3 []byte - }{arg1, arg2, arg3Copy}) + arg3 string + }{arg1, arg2, arg3}) stub := fake.SetPasswordStub fakeReturns := fake.setPasswordReturns - fake.recordInvocation("SetPassword", []interface{}{arg1, arg2, arg3Copy}) + fake.recordInvocation("SetPassword", []interface{}{arg1, arg2, arg3}) fake.setPasswordMutex.Unlock() if stub != nil { return stub(arg1, arg2, arg3) @@ -231,13 +226,13 @@ func (fake *FakeAuthFallbackService) SetPasswordCallCount() int { return len(fake.setPasswordArgsForCall) } -func (fake *FakeAuthFallbackService) SetPasswordCalls(stub func(context.Context, int64, []byte) error) { +func (fake *FakeAuthFallbackService) SetPasswordCalls(stub func(context.Context, int64, string) error) { fake.setPasswordMutex.Lock() defer fake.setPasswordMutex.Unlock() fake.SetPasswordStub = stub } -func (fake *FakeAuthFallbackService) SetPasswordArgsForCall(i int) (context.Context, int64, []byte) { +func (fake *FakeAuthFallbackService) SetPasswordArgsForCall(i int) (context.Context, int64, string) { fake.setPasswordMutex.RLock() defer fake.setPasswordMutex.RUnlock() argsForCall := fake.setPasswordArgsForCall[i] @@ -267,22 +262,17 @@ func (fake *FakeAuthFallbackService) SetPasswordReturnsOnCall(i int, result1 err }{result1} } -func (fake *FakeAuthFallbackService) SetPasswordWithToken(arg1 context.Context, arg2 string, arg3 []byte) error { - var arg3Copy []byte - if arg3 != nil { - arg3Copy = make([]byte, len(arg3)) - copy(arg3Copy, arg3) - } +func (fake *FakeAuthFallbackService) SetPasswordWithToken(arg1 context.Context, arg2 string, arg3 string) error { fake.setPasswordWithTokenMutex.Lock() ret, specificReturn := fake.setPasswordWithTokenReturnsOnCall[len(fake.setPasswordWithTokenArgsForCall)] fake.setPasswordWithTokenArgsForCall = append(fake.setPasswordWithTokenArgsForCall, struct { arg1 context.Context arg2 string - arg3 []byte - }{arg1, arg2, arg3Copy}) + arg3 string + }{arg1, arg2, arg3}) stub := fake.SetPasswordWithTokenStub fakeReturns := fake.setPasswordWithTokenReturns - fake.recordInvocation("SetPasswordWithToken", []interface{}{arg1, arg2, arg3Copy}) + fake.recordInvocation("SetPasswordWithToken", []interface{}{arg1, arg2, arg3}) fake.setPasswordWithTokenMutex.Unlock() if stub != nil { return stub(arg1, arg2, arg3) @@ -299,13 +289,13 @@ func (fake *FakeAuthFallbackService) SetPasswordWithTokenCallCount() int { return len(fake.setPasswordWithTokenArgsForCall) } -func (fake *FakeAuthFallbackService) SetPasswordWithTokenCalls(stub func(context.Context, string, []byte) error) { +func (fake *FakeAuthFallbackService) SetPasswordWithTokenCalls(stub func(context.Context, string, string) error) { fake.setPasswordWithTokenMutex.Lock() defer fake.setPasswordWithTokenMutex.Unlock() fake.SetPasswordWithTokenStub = stub } -func (fake *FakeAuthFallbackService) SetPasswordWithTokenArgsForCall(i int) (context.Context, string, []byte) { +func (fake *FakeAuthFallbackService) SetPasswordWithTokenArgsForCall(i int) (context.Context, string, string) { fake.setPasswordWithTokenMutex.RLock() defer fake.setPasswordWithTokenMutex.RUnlock() argsForCall := fake.setPasswordWithTokenArgsForCall[i] diff --git a/roomdb/sqlite/auth_fallback.go b/roomdb/sqlite/auth_fallback.go index 7a49558b..a515c257 100644 --- a/roomdb/sqlite/auth_fallback.go +++ b/roomdb/sqlite/auth_fallback.go @@ -79,8 +79,8 @@ func (af AuthFallback) Check(login, password string) (interface{}, error) { return foundPassword.MemberID, nil } -func (af AuthFallback) SetPassword(ctx context.Context, memberID int64, password []byte) error { - hashed, err := bcrypt.GenerateFromPassword(password, bcrypt.DefaultCost) +func (af AuthFallback) SetPassword(ctx context.Context, memberID int64, password string) error { + hashed, err := bcrypt.GenerateFromPassword([]byte(password), bcrypt.DefaultCost) if err != nil { return fmt.Errorf("auth/fallback: failed to hash password for member") } @@ -115,8 +115,8 @@ func (af AuthFallback) SetPassword(ctx context.Context, memberID int64, password }) } -func (af AuthFallback) SetPasswordWithToken(ctx context.Context, resetToken string, password []byte) error { - hashed, err := bcrypt.GenerateFromPassword(password, bcrypt.DefaultCost) +func (af AuthFallback) SetPasswordWithToken(ctx context.Context, resetToken string, password string) error { + hashed, err := bcrypt.GenerateFromPassword([]byte(password), bcrypt.DefaultCost) if err != nil { return fmt.Errorf("auth/fallback: failed to hash password for member") } diff --git a/roomdb/sqlite/auth_fallback_test.go b/roomdb/sqlite/auth_fallback_test.go index cc2f9753..f3c16f79 100644 --- a/roomdb/sqlite/auth_fallback_test.go +++ b/roomdb/sqlite/auth_fallback_test.go @@ -31,7 +31,7 @@ func TestFallbackAuth(t *testing.T) { memberID, err := db.Members.Add(ctx, newMember, roomdb.RoleMember) r.NoError(err, "failed to create member") - testPassword := []byte("super-secure-and-secret-password") + testPassword := "super-secure-and-secret-password" err = db.AuthFallback.SetPassword(ctx, memberID, testPassword) r.NoError(err, "failed to create password") @@ -78,7 +78,7 @@ func TestFallbackAuthSetPassword(t *testing.T) { memberID, err := db.Members.Add(ctx, newMember, roomdb.RoleMember) r.NoError(err, "failed to create member") - testPassword := []byte("super-secure-and-secret-password") + testPassword := "super-secure-and-secret-password" err = db.AuthFallback.SetPassword(ctx, memberID, testPassword) r.NoError(err, "failed to set password") @@ -96,7 +96,7 @@ func TestFallbackAuthSetPassword(t *testing.T) { r.Nil(cookieVal) // set it to something different - changedTestPassword := []byte("some-different-super-secure-password") + changedTestPassword := "some-different-super-secure-password" err = db.AuthFallback.SetPassword(ctx, memberID, changedTestPassword) r.NoError(err, "failed to update password") @@ -133,7 +133,7 @@ func TestFallbackAuthSetPasswordWithToken(t *testing.T) { carlID, err := db.Members.Add(ctx, carl, roomdb.RoleModerator) r.NoError(err, "failed to create member") - err = db.AuthFallback.SetPassword(ctx, carlID, []byte("i swear i wont forgettt thiszzz91238129e812hjejahsdkasdhaksjdh")) + err = db.AuthFallback.SetPassword(ctx, carlID, "i swear i wont forgettt thiszzz91238129e812hjejahsdkasdhaksjdh") r.NoError(err, "failed to update password") // and he does... so lets create a token for him @@ -147,7 +147,7 @@ func TestFallbackAuthSetPasswordWithToken(t *testing.T) { // change carls password by using the token newPassword := "marry had a little lamp" - err = db.AuthFallback.SetPasswordWithToken(ctx, resetTok, []byte(newPassword)) + err = db.AuthFallback.SetPasswordWithToken(ctx, resetTok, newPassword) r.NoError(err, "setPassword with token failed") // now use the new password diff --git a/web/handlers/members_password.go b/web/handlers/members_password.go index ed449acb..692deaec 100644 --- a/web/handlers/members_password.go +++ b/web/handlers/members_password.go @@ -139,9 +139,9 @@ func (mh membersHandler) changePassword(w http.ResponseWriter, req *http.Request // update the password if resetToken == "" { - err = mh.authFallbackDB.SetPassword(ctx, memberID, []byte(newpw)) + err = mh.authFallbackDB.SetPassword(ctx, memberID, newpw) } else { - err = mh.authFallbackDB.SetPasswordWithToken(ctx, resetToken, []byte(newpw)) + err = mh.authFallbackDB.SetPasswordWithToken(ctx, resetToken, newpw) } // add flash msg about the outcome and redirect the user