riwiwa/muzi
1
0
Fork 0
mirror of https://github.com/riwiwa/muzi.git synced 2026-02-28 11:56:57 -08:00
Code Issues Packages Projects Releases Wiki Activity

better password validation

Browse Source
This commit is contained in:
riwiwa
2026-02-08 00:51:15 -08:00
parent 9e21d0d5c7
commit 22f7f3cf46
3 changed files with 34 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
templates/create_account.gohtml
View File

@@ -14,6 +14,16 @@
<label for="pass">Password:</label> <label for="pass">Password:</label>
<input type="password" id="pass" name="pass"> <br> <br> <input type="password" id="pass" name="pass"> <br> <br>
<input type="submit" value="Create Account"> <input type="submit" value="Create Account">
{{if eq .Error "length"}}
<div class="login-error">
Password must be 8-64 chars (inclusive).
</div>
{{end}}
{{if eq .Error "session"}}
<div class="login-error">
Unable to create session. Please try again.
</div>
{{end}}
</form> </form>
</div> </div>
</body> </body>

4
templates/login.gohtml
View File

@@ -14,12 +14,12 @@
<label for="pass">Password:</label> <label for="pass">Password:</label>
<input type="password" id="pass" name="pass"> <br> <br> <input type="password" id="pass" name="pass"> <br> <br>
<input type="submit" value="Login"> <input type="submit" value="Login">
{{if eq .Error "1"}} {{if eq .Error "invalid-creds"}}
<div class="login-error"> <div class="login-error">
Invalid credentials. Please try again. Invalid credentials. Please try again.
</div> </div>
{{end}} {{end}}
{{if eq .Error "2"}} {{if eq .Error "session"}}
<div class="login-error"> <div class="login-error">
Unable to create session. Please try again. Unable to create session. Please try again.
</div> </div>

30
web/web.go
View File

@@ -5,6 +5,7 @@ import (
"crypto/rand" "crypto/rand"
"encoding/hex" "encoding/hex"
"encoding/json" "encoding/json"
"errors"
"fmt" "fmt"
"html/template" "html/template"
"net/http" "net/http"
@@ -136,12 +137,16 @@ func getUserIdByUsername(ctx context.Context, username string) (int, error) {
return userId, err return userId, err
} }
func hashPassword(pass []byte) string { func hashPassword(pass []byte) (string, error) {
if len(pass) < 8 || len(pass) > 64 {
return "", errors.New("Error: Password must be greater than 8 chars.")
}
hashedPassword, err := bcrypt.GenerateFromPassword(pass, bcrypt.DefaultCost) hashedPassword, err := bcrypt.GenerateFromPassword(pass, bcrypt.DefaultCost)
if err != nil { if err != nil {
fmt.Fprintf(os.Stderr, "Couldn't hash password: %v\n", err) fmt.Fprintf(os.Stderr, "Couldn't hash password: %v\n", err)
return "", err
} }
return string(hashedPassword) return string(hashedPassword), nil
} }
func verifyPassword(hashedPassword string, enteredPassword []byte) bool { func verifyPassword(hashedPassword string, enteredPassword []byte) bool {
@@ -158,9 +163,14 @@ func createAccount(w http.ResponseWriter, r *http.Request) {
r.ParseForm() r.ParseForm()
username := r.FormValue("uname") username := r.FormValue("uname")
hashedPassword := hashPassword([]byte(r.FormValue("pass"))) hashedPassword, err := hashPassword([]byte(r.FormValue("pass")))
if err != nil {
fmt.Fprintf(os.Stderr, "Error hashing password: %v\n", err)
http.Redirect(w, r, "/createaccount?error=length", http.StatusSeeOther)
return
}
err := db.CreateUsersTable() err = db.CreateUsersTable()
if err != nil { if err != nil {
fmt.Fprintf(os.Stderr, "Error ensuring users table exists: %v\n", err) fmt.Fprintf(os.Stderr, "Error ensuring users table exists: %v\n", err)
http.Redirect(w, r, "/createaccount", http.StatusSeeOther) http.Redirect(w, r, "/createaccount", http.StatusSeeOther)
@@ -179,7 +189,7 @@ func createAccount(w http.ResponseWriter, r *http.Request) {
} else { } else {
sessionID := createSession(username) sessionID := createSession(username)
if sessionID == "" { if sessionID == "" {
http.Redirect(w, r, "/login?error=2", http.StatusSeeOther) http.Redirect(w, r, "/login?error=session", http.StatusSeeOther)
return return
} }
http.SetCookie(w, &http.Cookie{ http.SetCookie(w, &http.Cookie{
@@ -196,7 +206,11 @@ func createAccount(w http.ResponseWriter, r *http.Request) {
func createAccountPageHandler() http.HandlerFunc { func createAccountPageHandler() http.HandlerFunc {
return func(w http.ResponseWriter, r *http.Request) { return func(w http.ResponseWriter, r *http.Request) {
err := templates.ExecuteTemplate(w, "create_account.gohtml", nil) type data struct {
Error string
}
d := data{Error: "len"}
err := templates.ExecuteTemplate(w, "create_account.gohtml", d)
if err != nil { if err != nil {
http.Error(w, err.Error(), http.StatusInternalServerError) http.Error(w, err.Error(), http.StatusInternalServerError)
} }
@@ -219,7 +233,7 @@ func loginSubmit(w http.ResponseWriter, r *http.Request) {
if verifyPassword(storedPassword, []byte(password)) { if verifyPassword(storedPassword, []byte(password)) {
sessionID := createSession(username) sessionID := createSession(username)
if sessionID == "" { if sessionID == "" {
http.Redirect(w, r, "/login?error=2", http.StatusSeeOther) http.Redirect(w, r, "/login?error=session", http.StatusSeeOther)
return return
} }
http.SetCookie(w, &http.Cookie{ http.SetCookie(w, &http.Cookie{
@@ -231,7 +245,7 @@ func loginSubmit(w http.ResponseWriter, r *http.Request) {
}) })
http.Redirect(w, r, "/profile/"+username, http.StatusSeeOther) http.Redirect(w, r, "/profile/"+username, http.StatusSeeOther)
} else { } else {
http.Redirect(w, r, "/login?error=1", http.StatusSeeOther) http.Redirect(w, r, "/login?error=invalid-creds", http.StatusSeeOther)
} }
} }
} }