get it testing

Kyle Isom 2025-05-09 17:33:01 -07:00
parent d472c5ee82
commit 7114af9d8c
6 changed files with 59 additions and 16 deletions

1
.gitignore vendored Normal file

@ -0,0 +1 @@
/mcias.db


@ -1,5 +1,7 @@
package data package data
import "crypto/rand"
const saltLength = 32 const saltLength = 32
func Salt() ([]byte, error) { func Salt() ([]byte, error) {


@ -1,8 +1,18 @@
package data package data
import (
"crypto/subtle"
"errors"
"fmt"
"time"
"github.com/oklog/ulid/v2"
"golang.org/x/crypto/scrypt"
)
const ( const (
scryptN = 32768 scryptN = 32768
scriptR = 8 scryptR = 8
scryptP = 1 scryptP = 1
) )
@ -12,6 +22,7 @@ type User struct {
User string User string
Password []byte Password []byte
Salt []byte Salt []byte
Roles []string
} }
type Login struct { type Login struct {
@ -20,8 +31,8 @@ type Login struct {
Token string `json:"token,omitzero"` Token string `json:"token,omitzero"`
} }
func derive(password string, salt []byte) []byte { func derive(password string, salt []byte) ([]byte, error) {
return scrypt.Key(login.Password, u.Salt, scryptN, scryptR, scryptN, 32) return scrypt.Key([]byte(password), salt, scryptN, scryptR, scryptN, 32)
} }
func (u *User) Check(login *Login) bool { func (u *User) Check(login *Login) bool {
@ -29,7 +40,10 @@ func (u *User) Check(login *Login) bool {
return false return false
} }
derived := derive(login.Password, u.Salt) derived, err := derive(login.Password, u.Salt)
if err != nil {
return false
}
if subtle.ConstantTimeCompare(derived, u.Password) != 0 { if subtle.ConstantTimeCompare(derived, u.Password) != 0 {
return false return false
@ -46,7 +60,7 @@ func (u *User) Register(login *Login) error {
} }
if u.ID == "" { if u.ID == "" {
u.ID = ulid.Make() u.ID = ulid.Make().String()
} }
u.User = login.User u.User = login.User
@ -55,7 +69,11 @@ func (u *User) Register(login *Login) error {
return fmt.Errorf("failed to register user: %w", err) return fmt.Errorf("failed to register user: %w", err)
} }
u.Password = derive(login.Password, u.Salt) u.Password, err = derive(login.Password, u.Salt)
if err != nil {
return fmt.Errorf("key derivation failed: %w", err)
}
u.Created = time.Now().Unix()
return nil return nil
} }
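Review bot: The unchanged guard in Check, `if subtle.ConstantTimeCompare(derived, u.Password) != 0 { return false }`, is inverted: ConstantTimeCompare returns 1 when the slices are equal and 0 otherwise, so a correct password is rejected and a wrong one falls through to whatever follows the guard, which lies outside this hunk and is presumably the success path. It should read `if subtle.ConstantTimeCompare(derived, u.Password) != 1 {`. Separately, the rewritten derive still passes `scryptN` in the p position, `scrypt.Key([]byte(password), salt, scryptN, scryptR, scryptN, 32)`, so p is 32768 instead of the declared `scryptP` of 1; the call returns no error, but every login and registration does roughly 32768 times the intended work, which turns each authentication request into a resource-exhaustion risk. Pass `scryptP` there; a test that registers a user and then checks both the correct and a wrong password would catch both problems.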

6
go.mod

@ -2,4 +2,8 @@ module git.wntrmute.dev/kyle/mcias
go 1.23.8 go 1.23.8
require github.com/mattn/go-sqlite3 v1.14.28 // indirect require (
github.com/mattn/go-sqlite3 v1.14.28 // indirect
github.com/oklog/ulid/v2 v2.1.0 // indirect
golang.org/x/crypto v0.38.0 // indirect
)

5
go.sum

@ -1,2 +1,7 @@
github.com/mattn/go-sqlite3 v1.14.28 h1:ThEiQrnbtumT+QMknw63Befp/ce/nUPgBPMlRFEum7A= github.com/mattn/go-sqlite3 v1.14.28 h1:ThEiQrnbtumT+QMknw63Befp/ce/nUPgBPMlRFEum7A=
github.com/mattn/go-sqlite3 v1.14.28/go.mod h1:Uh1q+B4BYcTPb+yiD3kU8Ct7aC0hY9fxUwlHK0RXw+Y= github.com/mattn/go-sqlite3 v1.14.28/go.mod h1:Uh1q+B4BYcTPb+yiD3kU8Ct7aC0hY9fxUwlHK0RXw+Y=
github.com/oklog/ulid/v2 v2.1.0 h1:+9lhoxAP56we25tyYETBBY1YLA2SaoLvUFgrP2miPJU=
github.com/oklog/ulid/v2 v2.1.0/go.mod h1:rcEKHmBBKfef9DhnvX7y1HZBYxjXb0cP5ExxNsTT1QQ=
github.com/pborman/getopt v0.0.0-20170112200414-7148bc3a4c30/go.mod h1:85jBQOZwpVEaDAr341tbn15RS4fCAsIst0qp7i8ex1o=
golang.org/x/crypto v0.38.0 h1:jt+WWG8IZlBnVbomuhg2Mdq0+BBQaHbtqHEFEigjUV8=
golang.org/x/crypto v0.38.0/go.mod h1:MvrbAqul58NNYPKnOra203SB9vpuZW0e+RRZV+Ggqjw=


@ -27,3 +27,16 @@ CREATE TABLE registrations (
id text primary key, id text primary key,
code text not null code text not null
); );
CREATE TABLE roles (
id text primary key,
role text not null
);
CREATE TABLE user_roles (
id text primary key,
uid text not null,
rid text not null,
FOREIGN KEY(uid) REFERENCES user(id),
FOREIGN KEY(rid) REFERENCES roles(id)
);
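Review bot: `user_roles` has no uniqueness constraint on the `(uid, rid)` pair and `roles.role` is not unique, so the same grant or the same role name can be stored more than once; depending on how revocation is written, removing one row may leave the user still holding the role. Adding `UNIQUE(uid, rid)` to `user_roles` and declaring `role text not null unique` in `roles` closes that. If this schema runs on SQLite, as the go-sqlite3 dependency suggests, the two `FOREIGN KEY` clauses are enforced only when `PRAGMA foreign_keys = ON` is set on each connection, so it is worth confirming that the connection setup does that. The referenced table name `user` should also be checked against its definition, which is outside this hunk.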