Fix #189
This commit is contained in:
parent
1372fbd88c
commit
c0c6609e83
30
conf/user.go
30
conf/user.go
|
@ -16,12 +16,16 @@ package conf
|
|||
|
||||
import (
|
||||
"crypto/md5"
|
||||
"crypto/sha1"
|
||||
"encoding/hex"
|
||||
"encoding/json"
|
||||
"io/ioutil"
|
||||
"os"
|
||||
"path/filepath"
|
||||
"strings"
|
||||
"time"
|
||||
|
||||
"github.com/b3log/wide/util"
|
||||
)
|
||||
|
||||
// LatestSessionContent represents the latest session content.
|
||||
|
@ -35,6 +39,7 @@ type LatestSessionContent struct {
|
|||
type User struct {
|
||||
Name string
|
||||
Password string
|
||||
Salt string
|
||||
Email string
|
||||
Gravatar string // see http://gravatar.com
|
||||
Workspace string // the GOPATH of this user
|
||||
|
@ -43,6 +48,9 @@ type User struct {
|
|||
FontFamily string
|
||||
FontSize string
|
||||
Theme string
|
||||
Created int64 // user create time in unix nano
|
||||
Updated int64 // preference update time in unix nano
|
||||
Lived int64 // the latest session activity in unix nano
|
||||
Editor *editor
|
||||
LatestSessionContent *LatestSessionContent
|
||||
}
|
||||
|
@ -58,12 +66,18 @@ type editor struct {
|
|||
|
||||
// NewUser creates a user with the specified username, password, email and workspace.
|
||||
func NewUser(username, password, email, workspace string) *User {
|
||||
hash := md5.New()
|
||||
hash.Write([]byte(email))
|
||||
gravatar := hex.EncodeToString(hash.Sum(nil))
|
||||
md5hash := md5.New()
|
||||
md5hash.Write([]byte(email))
|
||||
gravatar := hex.EncodeToString(md5hash.Sum(nil))
|
||||
|
||||
return &User{Name: username, Password: password, Email: email, Gravatar: gravatar, Workspace: workspace,
|
||||
salt := util.Rand.String(16)
|
||||
password = Salt(password, salt)
|
||||
|
||||
now := time.Now().UnixNano()
|
||||
|
||||
return &User{Name: username, Password: password, Salt: salt, Email: email, Gravatar: gravatar, Workspace: workspace,
|
||||
Locale: Wide.Locale, GoFormat: "gofmt", FontFamily: "Helvetica", FontSize: "13px", Theme: "default",
|
||||
Created: now, Updated: now, Lived: now,
|
||||
Editor: &editor{FontFamily: "Consolas, 'Courier New', monospace", FontSize: "inherit", LineHeight: "17px",
|
||||
Theme: "wide", TabSize: "4"}}
|
||||
}
|
||||
|
@ -110,3 +124,11 @@ func GetOwner(path string) string {
|
|||
|
||||
return ""
|
||||
}
|
||||
|
||||
// Salt salts the specified password with the specified salt.
|
||||
func Salt(password, salt string) string {
|
||||
sha1hash := sha1.New()
|
||||
sha1hash.Write([]byte(password + salt))
|
||||
|
||||
return hex.EncodeToString(sha1hash.Sum(nil))
|
||||
}
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
{
|
||||
"Name": "admin",
|
||||
"Password": "admin",
|
||||
"Password": "d1bfca21893c908e64fabda01d71294b1ccdcaa7",
|
||||
"Salt": "dnoyeb",
|
||||
"Email": "",
|
||||
"Gravatar": "d41d8cd98f00b204e9800998ecf8427e",
|
||||
"Workspace": "${GOPATH}",
|
||||
|
@ -9,6 +10,9 @@
|
|||
"FontFamily": "Helvetica",
|
||||
"FontSize": "13px",
|
||||
"Theme": "default",
|
||||
"Created": 1414080000000000000,
|
||||
"Updated": 1414080000000000000,
|
||||
"Lived": 1414080000000000000,
|
||||
"Editor": {
|
||||
"FontFamily": "Consolas, 'Courier New', monospace",
|
||||
"FontSize": "13px",
|
||||
|
|
|
@ -235,7 +235,7 @@ func WSHandler(w http.ResponseWriter, r *http.Request) {
|
|||
}
|
||||
}
|
||||
|
||||
// SaveContent handles request of session content storing.
|
||||
// SaveContent handles request of session content string.
|
||||
func SaveContent(w http.ResponseWriter, r *http.Request) {
|
||||
data := map[string]interface{}{"succ": true}
|
||||
defer util.RetJSON(w, r, data)
|
||||
|
@ -263,9 +263,11 @@ func SaveContent(w http.ResponseWriter, r *http.Request) {
|
|||
|
||||
for _, user := range conf.Users {
|
||||
if user.Name == wSession.Username {
|
||||
// update the variable in-memory, conf.FixedTimeSave() function will persist it periodically
|
||||
// update the variable in-memory, session.FixedTimeSave() function will persist it periodically
|
||||
user.LatestSessionContent = wSession.Content
|
||||
|
||||
user.Lived = time.Now().UnixNano()
|
||||
|
||||
wSession.Refresh()
|
||||
|
||||
return
|
||||
|
|
|
@ -135,6 +135,10 @@ func PreferenceHandler(w http.ResponseWriter, r *http.Request) {
|
|||
|
||||
conf.UpdateCustomizedConf(username)
|
||||
|
||||
now := time.Now().UnixNano()
|
||||
user.Lived = now
|
||||
user.Updated = now
|
||||
|
||||
succ = user.Save()
|
||||
}
|
||||
|
||||
|
@ -180,7 +184,7 @@ func LoginHandler(w http.ResponseWriter, r *http.Request) {
|
|||
|
||||
succ = false
|
||||
for _, user := range conf.Users {
|
||||
if user.Name == args.Username && user.Password == args.Password {
|
||||
if user.Name == args.Username && user.Password == conf.Salt(args.Password, user.Salt) {
|
||||
succ = true
|
||||
|
||||
break
|
||||
|
|
|
@ -0,0 +1,37 @@
|
|||
// Copyright (c) 2014, B3log
|
||||
//
|
||||
// Licensed under the Apache License, Version 2.0 (the "License");
|
||||
// you may not use this file except in compliance with the License.
|
||||
// You may obtain a copy of the License at
|
||||
//
|
||||
// http://www.apache.org/licenses/LICENSE-2.0
|
||||
//
|
||||
// Unless required by applicable law or agreed to in writing, software
|
||||
// distributed under the License is distributed on an "AS IS" BASIS,
|
||||
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
// See the License for the specific language governing permissions and
|
||||
// limitations under the License.
|
||||
|
||||
package util
|
||||
|
||||
import "math/rand"
|
||||
|
||||
type myrand struct{}
|
||||
|
||||
// Random utilities.
|
||||
var Rand = myrand{}
|
||||
|
||||
// String returns a random string ['a', 'z'] in the specified length
|
||||
func (*myrand) String(length int) string {
|
||||
bytes := make([]byte, length)
|
||||
for i := 0; i < length; i++ {
|
||||
bytes[i] = byte(Rand.Int('a', 'z'))
|
||||
}
|
||||
|
||||
return string(bytes)
|
||||
}
|
||||
|
||||
// Int returns a random integer in range [min, max].
|
||||
func (*myrand) Int(min int, max int) int {
|
||||
return min + rand.Intn(max-min)
|
||||
}
|
Loading…
Reference in New Issue