[rejestracja] [logowanie] szyfrowanie hasel jak w django
This commit is contained in:
parent
196dfca658
commit
2f58eb4542
@ -31,7 +31,7 @@
|
||||
"login": "A"
|
||||
}
|
||||
#"[addNewUserView][Error] Nie podano hasła"
|
||||
|
||||
################################################################
|
||||
|
||||
127.0.0.1:3000/api/updateUserPointsView
|
||||
{
|
||||
@ -53,5 +53,20 @@
|
||||
#"[updateUserPointsView][Error] Brak uzytkownika w bazie"
|
||||
|
||||
|
||||
################################################################
|
||||
127.0.0.1:3000/api/loginUserView
|
||||
|
||||
{
|
||||
"login": "B2",
|
||||
"password": "B",
|
||||
"test": "test"
|
||||
}
|
||||
#true
|
||||
|
||||
|
||||
{
|
||||
"login": "B2",
|
||||
"password": "B2",
|
||||
"test": "test"
|
||||
}
|
||||
#false
|
@ -5,6 +5,7 @@ import (
|
||||
"fmt"
|
||||
|
||||
_ "github.com/go-sql-driver/mysql"
|
||||
"golang.org/x/crypto/bcrypt"
|
||||
)
|
||||
|
||||
func connectMysql() (*sql.DB, error) {
|
||||
@ -20,13 +21,18 @@ func addUser(_login string, _password string, _userDescription string) error {
|
||||
//do rejestracji uzytkownika
|
||||
// Insert do bazy Mysql Nowego użytkownika
|
||||
|
||||
db, err := connectMysql()
|
||||
password := []byte(_password) //zamiana stringa na bajty dla funckji hashujacej
|
||||
|
||||
db, err := connectMysql()
|
||||
if err != nil {
|
||||
panic(err.Error())
|
||||
return err
|
||||
}
|
||||
|
||||
// Hashing the password with the default cost of 10
|
||||
hashedPassword, err := bcrypt.GenerateFromPassword(password, bcrypt.DefaultCost)
|
||||
encryptedPassword := string(hashedPassword)
|
||||
|
||||
queryInsert := fmt.Sprintf(`INSERT INTO users (
|
||||
login,
|
||||
password,
|
||||
@ -37,7 +43,7 @@ func addUser(_login string, _password string, _userDescription string) error {
|
||||
"%s",
|
||||
"%s",
|
||||
"%d"
|
||||
)`, _login, _password, _userDescription, 0) //przy rejestracji kzdy ma 0 punktow
|
||||
)`, _login, encryptedPassword, _userDescription, 0) //przy rejestracji kzdy ma 0 punktow
|
||||
|
||||
fmt.Printf(queryInsert)
|
||||
insert, err := db.Query(queryInsert)
|
||||
@ -118,7 +124,8 @@ func checkLoginExists(_login string) (bool, error) {
|
||||
func loginUser(_login string, _password string) (bool, error) {
|
||||
//do logowanie w bazie
|
||||
db, err := connectMysql()
|
||||
querySelect := fmt.Sprintf(`SELECT login FROM users WHERE login='%s' AND password='%s' ;`, _login, _password)
|
||||
|
||||
querySelect := fmt.Sprintf(`SELECT password FROM users WHERE login='%s' ;`, _login)
|
||||
|
||||
result, err := db.Query(querySelect)
|
||||
if err != nil {
|
||||
@ -127,15 +134,17 @@ func loginUser(_login string, _password string) (bool, error) {
|
||||
}
|
||||
|
||||
for result.Next() {
|
||||
var userLogin string
|
||||
var hashedPassword string
|
||||
|
||||
err = result.Scan(&userLogin)
|
||||
err = result.Scan(&hashedPassword)
|
||||
if err != nil {
|
||||
panic(err.Error())
|
||||
return false, err
|
||||
}
|
||||
|
||||
if userLogin != "" {
|
||||
// Comparing the password with the hash
|
||||
err = bcrypt.CompareHashAndPassword([]byte(hashedPassword), []byte(_password))
|
||||
if err == nil { // nil means it is a match
|
||||
return true, nil
|
||||
}
|
||||
}
|
||||
|
BIN
backend/main.exe
BIN
backend/main.exe
Binary file not shown.
@ -5,6 +5,7 @@ import (
|
||||
"net/http"
|
||||
|
||||
"github.com/gin-gonic/gin"
|
||||
// go get "golang.org/x/crypto/bcrypt"
|
||||
)
|
||||
|
||||
func getUsersView(c *gin.Context) {
|
||||
@ -62,14 +63,20 @@ func addNewUserView(c *gin.Context) {
|
||||
if isExists {
|
||||
c.JSON(http.StatusOK, "Login zajęty")
|
||||
return
|
||||
} else {
|
||||
}
|
||||
|
||||
if err != nil {
|
||||
c.JSON(http.StatusOK, "[addNewUserView][Error] Nie mozna zaszyfrowac hasla")
|
||||
return
|
||||
}
|
||||
|
||||
err = addUser(_login, _password, _userDescription)
|
||||
|
||||
if err != nil {
|
||||
c.JSON(http.StatusOK, "[addNewUserView][Error] Nie mozna dodac do bazy")
|
||||
return
|
||||
}
|
||||
}
|
||||
|
||||
c.Header("Content-Type", "application/json")
|
||||
c.JSON(http.StatusOK, "[addNewUserView] Dodano uzytkownika do bazy")
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user