Basic JWT is now working #12
@ -22,7 +22,7 @@ func generateJwt() (string, error) {
|
||||
//TODO use env here
|
||||
secret := []byte("ThisIsABadSecretDontReallyUseThis")
|
||||
|
||||
token := jwt.New(jwt.SigningMethodEdDSA)
|
||||
token := jwt.New(jwt.SigningMethodHS256)
|
||||
claims := token.Claims.(jwt.MapClaims)
|
||||
claims["exp"] = time.Now().Add(10 * time.Minute)
|
||||
claims["authorized"] = true
|
||||
|
@ -36,18 +36,19 @@ func (us UserService) DoesUserExist(username string) error {
|
||||
}
|
||||
|
||||
func (us UserService) DoesPasswordMatchHash(username, password string) error {
|
||||
passwordBytes := []byte(password)
|
||||
hash, err := bcrypt.GenerateFromPassword(passwordBytes, bcrypt.DefaultCost)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
//passwordBytes := []byte(password)
|
||||
//hash, err := bcrypt.GenerateFromPassword(passwordBytes, bcrypt.DefaultCost)
|
||||
//if err != nil {
|
||||
// return err
|
||||
//}
|
||||
|
||||
model, err := us.GetUser(username)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
if model.Hash != string(hash) {
|
||||
err = bcrypt.CompareHashAndPassword([]byte(model.Hash), []byte(password))
|
||||
if err != nil {
|
||||
return errors.New(ErrInvalidPassword)
|
||||
}
|
||||
|
||||
@ -83,7 +84,7 @@ func (us UserService) CheckPasswordForRequirements(password string) error {
|
||||
}
|
||||
|
||||
func (us UserService) checkPasswordLength(password string) error {
|
||||
if len(password) <= 8 {
|
||||
if len(password) < 8 {
|
||||
return errors.New(ErrPasswordNotLongEnough)
|
||||
}
|
||||
return nil
|
||||
|
@ -1,7 +1,7 @@
|
||||
###
|
||||
POST http://localhost:1323/api/v1/register?username=test&password=test
|
||||
POST http://localhost:1323/api/v1/register?username=test&password=test1234!
|
||||
###
|
||||
POST http://localhost:1323/api/v1/login?username=test&password=test
|
||||
POST http://localhost:1323/api/v1/login?username=test&password=test1234!
|
||||
###
|
||||
GET http://localhost:1323/api/v1/demo/hello
|
||||
###
|
||||
|
Loading…
Reference in New Issue
Block a user