updated login tokens

2022-12-09 13:04:03 -06:00
parent 8ae527683b
commit 94f3ff9a26
4 changed files with 30 additions and 19 deletions
--- a/storage/api.go
+++ b/storage/api.go
@@ -25,7 +25,7 @@ func UpdatePassword(password string) {
 	}
 }

-func CheckLogin(username string, password string) (bool, string) {
+func CheckLogin(username string, password string, ip string) (bool, string) {
 	if username == "" || password == "" {
 		return false, ""
 	}
@@ -49,18 +49,35 @@ func CheckLogin(username string, password string) (bool, string) {
 		return false, ""
 	}
 	
-	return true, createLoginToken()
+	return true, createLoginToken(ip)
 }

-func createLoginToken() string {
+type loginToken struct {
+	Token []byte `json:"token"`
+	IP string `jsong:"ip"`
+	End string `json:"end"`
+}
+
+func createLoginToken(ip string) string {
 	token := util.GeneratePassword(32)

+	tokenHash, err := bcrypt.GenerateFromPassword([]byte(token), bcrypt.DefaultCost)
+	if err != nil {
+		panic(err)
+	}
+
+	tokenData := loginToken{
+		Token: tokenHash,
+		IP: ip,
+		End: token[len(token) - 4:],
+	}
+
 	member := redis.Z{
 		Score: float64(time.Now().Unix() + 4 * 60 * 60),
-		Member: token,
+		Member: tokenData,
 	}

-	err := client.ZAdd(ctx, "loginTokens", member).Err()
+	err = client.ZAdd(ctx, "loginTokens", member).Err()
 	if err != nil {
 		panic(err)
 	}
@@ -68,7 +85,7 @@ func createLoginToken() string {
 	return token
 }

-func CheckLoginToken(token string) bool {
+func CheckLoginToken(token string, ip string) bool {

 	expired, err := client.ZRangeByScore(ctx, "loginTokens", &redis.ZRangeBy{
 		Min: "-inf",
@@ -83,18 +100,16 @@ func CheckLoginToken(token string) bool {
 		client.ZRem(ctx, "loginTokens", e)
 	}

-	current, err := client.ZRangeByScore(ctx, "loginTokens", &redis.ZRangeBy{
-		Min: fmt.Sprintf("%d", time.Now().Unix()),
-		Max: "inf",
-	}).Result()
+	current := make([]loginToken, 0)
+	err = client.ZRange(ctx, "loginTokens", 0, -1).ScanSlice(current)

 	if err != nil {
 		panic(err)
 	}

 	for _, c := range current {
-		fmt.Println(c)
-		if c == token {
+		err = bcrypt.CompareHashAndPassword([]byte(c.Token), []byte(token))
+		if err == nil && ip == c.IP {
 			return true
 		}
 	}