This commit is contained in:
Liang Ding 2014-12-24 00:14:03 +08:00
parent 1372fbd88c
commit c0c6609e83
5 changed files with 77 additions and 8 deletions

View File

@ -16,12 +16,16 @@ package conf
import (
"crypto/md5"
"crypto/sha1"
"encoding/hex"
"encoding/json"
"io/ioutil"
"os"
"path/filepath"
"strings"
"time"
"github.com/b3log/wide/util"
)
// LatestSessionContent represents the latest session content.
@ -35,6 +39,7 @@ type LatestSessionContent struct {
type User struct {
Name string
Password string
Salt string
Email string
Gravatar string // see http://gravatar.com
Workspace string // the GOPATH of this user
@ -43,6 +48,9 @@ type User struct {
FontFamily string
FontSize string
Theme string
Created int64 // user create time in unix nano
Updated int64 // preference update time in unix nano
Lived int64 // the latest session activity in unix nano
Editor *editor
LatestSessionContent *LatestSessionContent
}
@ -58,12 +66,18 @@ type editor struct {
// NewUser creates a user with the specified username, password, email and workspace.
func NewUser(username, password, email, workspace string) *User {
hash := md5.New()
hash.Write([]byte(email))
gravatar := hex.EncodeToString(hash.Sum(nil))
md5hash := md5.New()
md5hash.Write([]byte(email))
gravatar := hex.EncodeToString(md5hash.Sum(nil))
return &User{Name: username, Password: password, Email: email, Gravatar: gravatar, Workspace: workspace,
salt := util.Rand.String(16)
password = Salt(password, salt)
now := time.Now().UnixNano()
return &User{Name: username, Password: password, Salt: salt, Email: email, Gravatar: gravatar, Workspace: workspace,
Locale: Wide.Locale, GoFormat: "gofmt", FontFamily: "Helvetica", FontSize: "13px", Theme: "default",
Created: now, Updated: now, Lived: now,
Editor: &editor{FontFamily: "Consolas, 'Courier New', monospace", FontSize: "inherit", LineHeight: "17px",
Theme: "wide", TabSize: "4"}}
}
@ -110,3 +124,11 @@ func GetOwner(path string) string {
return ""
}
// Salt salts the specified password with the specified salt.
func Salt(password, salt string) string {
sha1hash := sha1.New()
sha1hash.Write([]byte(password + salt))
return hex.EncodeToString(sha1hash.Sum(nil))
}

View File

@ -1,6 +1,7 @@
{
"Name": "admin",
"Password": "admin",
"Password": "d1bfca21893c908e64fabda01d71294b1ccdcaa7",
"Salt": "dnoyeb",
"Email": "",
"Gravatar": "d41d8cd98f00b204e9800998ecf8427e",
"Workspace": "${GOPATH}",
@ -9,6 +10,9 @@
"FontFamily": "Helvetica",
"FontSize": "13px",
"Theme": "default",
"Created": 1414080000000000000,
"Updated": 1414080000000000000,
"Lived": 1414080000000000000,
"Editor": {
"FontFamily": "Consolas, 'Courier New', monospace",
"FontSize": "13px",

View File

@ -235,7 +235,7 @@ func WSHandler(w http.ResponseWriter, r *http.Request) {
}
}
// SaveContent handles request of session content storing.
// SaveContent handles request of session content string.
func SaveContent(w http.ResponseWriter, r *http.Request) {
data := map[string]interface{}{"succ": true}
defer util.RetJSON(w, r, data)
@ -263,9 +263,11 @@ func SaveContent(w http.ResponseWriter, r *http.Request) {
for _, user := range conf.Users {
if user.Name == wSession.Username {
// update the variable in-memory, conf.FixedTimeSave() function will persist it periodically
// update the variable in-memory, session.FixedTimeSave() function will persist it periodically
user.LatestSessionContent = wSession.Content
user.Lived = time.Now().UnixNano()
wSession.Refresh()
return

View File

@ -135,6 +135,10 @@ func PreferenceHandler(w http.ResponseWriter, r *http.Request) {
conf.UpdateCustomizedConf(username)
now := time.Now().UnixNano()
user.Lived = now
user.Updated = now
succ = user.Save()
}
@ -180,7 +184,7 @@ func LoginHandler(w http.ResponseWriter, r *http.Request) {
succ = false
for _, user := range conf.Users {
if user.Name == args.Username && user.Password == args.Password {
if user.Name == args.Username && user.Password == conf.Salt(args.Password, user.Salt) {
succ = true
break

37
util/rand.go Normal file
View File

@ -0,0 +1,37 @@
// Copyright (c) 2014, B3log
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package util
import "math/rand"
type myrand struct{}
// Random utilities.
var Rand = myrand{}
// String returns a random string ['a', 'z'] in the specified length
func (*myrand) String(length int) string {
bytes := make([]byte, length)
for i := 0; i < length; i++ {
bytes[i] = byte(Rand.Int('a', 'z'))
}
return string(bytes)
}
// Int returns a random integer in range [min, max].
func (*myrand) Int(min int, max int) int {
return min + rand.Intn(max-min)
}