admin.go
package models
import (
"errors"
"github.com/pocketbase/pocketbase/tools/security"
"github.com/pocketbase/pocketbase/tools/types"
"golang.org/x/crypto/bcrypt"
)
var (
	// Compile-time assertion that *Admin satisfies the Model interface;
	// the build fails here if a required method is missing.
	_ Model = (*Admin)(nil)
)
// Admin is the model stored in the "_admins" table (see TableName).
//
// TokenKey, PasswordHash and LastResetSentAt are tagged `json:"-"`, so
// encoding/json leaves them out whenever an Admin value is marshalled.
type Admin struct {
	BaseModel

	// NOTE(review): presumably an identifier of a predefined avatar — confirm.
	Avatar int `db:"avatar" json:"avatar"`

	Email string `db:"email" json:"email"`

	// Random key written by RefreshTokenKey; SetPassword rotates it to
	// invalidate previously issued tokens. Never serialized to JSON.
	TokenKey string `db:"tokenKey" json:"-"`

	// bcrypt hash written by SetPassword and checked by ValidatePassword.
	// Never serialized to JSON.
	PasswordHash string `db:"passwordHash" json:"-"`

	// Reset to the zero DateTime by SetPassword. Never serialized to JSON.
	// NOTE(review): presumably the time the last password-reset message was
	// sent — confirm against the code that writes it.
	LastResetSentAt types.DateTime `db:"lastResetSentAt" json:"-"`
}
// TableName returns the name of the SQL table that stores Admin models.
func (m *Admin) TableName() string {
	const table = "_admins"

	return table
}
// ValidatePassword reports whether the plain-text password matches the
// bcrypt hash stored in m.PasswordHash.
//
// Every error from bcrypt.CompareHashAndPassword is reported as false, so a
// wrong password and an empty or malformed stored hash look the same to the
// caller.
//
// NOTE(review): bcrypt only consumes the first 72 bytes of its input, so
// two passwords that share a 72-byte prefix may compare equal here —
// confirm that callers enforce a maximum password length.
func (m *Admin) ValidatePassword(password string) bool {
	// A nil error is the only outcome that signals a match.
	return bcrypt.CompareHashAndPassword([]byte(m.PasswordHash), []byte(password)) == nil
}
// SetPassword hashes the plain-text password with bcrypt and stores the
// result in m.PasswordHash; the plain text itself is not kept on the model.
//
// It also resets LastResetSentAt to its zero value and rotates TokenKey via
// RefreshTokenKey in order to invalidate previously issued tokens.
//
// An empty password is rejected with an error, and any error from
// bcrypt.GenerateFromPassword is returned as is; in both cases the model is
// left unmodified.
//
// NOTE(review): bcrypt ignores input past 72 bytes and, depending on the
// golang.org/x/crypto version in use, GenerateFromPassword either truncates
// silently or returns bcrypt.ErrPasswordTooLong — confirm which applies and
// that callers cap the password length.
func (m *Admin) SetPassword(password string) error {
	// bcrypt work factor; a higher value makes each hash computation slower.
	const cost = 12

	if len(password) == 0 {
		return errors.New("The provided plain password is empty")
	}

	digest, hashErr := bcrypt.GenerateFromPassword([]byte(password), cost)
	if hashErr != nil {
		return hashErr
	}

	// The zero DateTime replaces whatever reset timestamp was recorded before.
	m.LastResetSentAt = types.DateTime{}
	m.PasswordHash = string(digest)

	// Rotating the token key invalidates previously issued tokens.
	return m.RefreshTokenKey()
}
// RefreshTokenKey replaces m.TokenKey with a new random string requested
// from security.RandomString with a length argument of 50.
//
// The returned error is always nil in this implementation.
//
// NOTE(review): the unpredictability of the key depends on
// security.RandomString drawing from a cryptographically secure source —
// confirm in tools/security.
func (m *Admin) RefreshTokenKey() error {
	const tokenKeyLength = 50

	m.TokenKey = security.RandomString(tokenKeyLength)

	return nil
}