Update dependencies, improve password handling, and enhance devcontainer configuration. Bump Go version to 1.24.1, add Air version to Dockerfile, and refactor password hashing and comparison functions to return errors. Update tests accordingly.
This commit is contained in:
qpismont
parent
26ce8522ac
commit
3e8171162b
7 changed files with 56 additions and 28 deletions
|
|
@ -5,14 +5,17 @@ WORKDIR /app
|
|||
ARG GO_VERSION
|
||||
ARG GOLANGCI_LINT_VERSION
|
||||
ARG MIGRATE_VERSION
|
||||
ARG AIR_VERSION
|
||||
|
||||
RUN apt update &&\
|
||||
apt install git wget curl -y &&\
|
||||
wget https://go.dev/dl/go$GO_VERSION.linux-amd64.tar.gz &&\
|
||||
rm -rf /usr/local/go && tar -C /usr/local -xzf go$GO_VERSION.linux-amd64.tar.gz &&\
|
||||
curl -sSfL https://raw.githubusercontent.com/air-verse/air/master/install.sh | sh -s -- -b /usr/local/go/bin &&\
|
||||
wget https://github.com/golangci/golangci-lint/releases/download/v$GOLANGCI_LINT_VERSION/golangci-lint-$GOLANGCI_LINT_VERSION-linux-amd64.deb &&\
|
||||
dpkg -i golangci-lint-$GOLANGCI_LINT_VERSION-linux-amd64.deb &&\
|
||||
wget https://github.com/golang-migrate/migrate/releases/download/v$MIGRATE_VERSION/migrate.linux-amd64.deb &&\
|
||||
dpkg -i migrate.linux-amd64.deb &&\
|
||||
wget https://github.com/air-verse/air/releases/download/v$AIR_VERSION/air_${AIR_VERSION}_linux_amd64 &&\
|
||||
chmod +x air_${AIR_VERSION}_linux_amd64 &&\
|
||||
mv air_${AIR_VERSION}_linux_amd64 /usr/local/go/bin/air &&\
|
||||
echo "export PATH=$PATH:/usr/local/go/bin" > /root/.bashrc
|
||||
|
|
@ -6,7 +6,8 @@
|
|||
"args": {
|
||||
"GO_VERSION": "1.24.1",
|
||||
"GOLANGCI_LINT_VERSION": "1.64.5",
|
||||
"MIGRATE_VERSION": "4.18.2"
|
||||
"MIGRATE_VERSION": "4.18.2",
|
||||
"AIR_VERSION": "1.61.7"
|
||||
}
|
||||
},
|
||||
"customizations": {
|
||||
|
|
|
|||
9
go.mod
9
go.mod
|
|
@ -3,11 +3,13 @@ module gitea.qpismont.fr/qpismont/trepa
|
|||
go 1.24.0
|
||||
|
||||
require (
|
||||
github.com/go-playground/validator/v10 v10.25.0
|
||||
github.com/golang-jwt/jwt/v5 v5.2.1
|
||||
github.com/jackc/pgx v3.6.2+incompatible
|
||||
github.com/jmoiron/sqlx v1.4.0
|
||||
github.com/joho/godotenv v1.5.1
|
||||
github.com/magiconair/properties v1.8.9
|
||||
github.com/matthewhartstonge/argon2 v1.2.0
|
||||
github.com/stretchr/testify v1.10.0
|
||||
)
|
||||
|
||||
|
|
@ -17,16 +19,15 @@ require (
|
|||
github.com/gabriel-vasile/mimetype v1.4.8 // indirect
|
||||
github.com/go-playground/locales v0.14.1 // indirect
|
||||
github.com/go-playground/universal-translator v0.18.1 // indirect
|
||||
github.com/go-playground/validator/v10 v10.25.0 // indirect
|
||||
github.com/gofrs/uuid v4.4.0+incompatible // indirect
|
||||
github.com/jackc/fake v0.0.0-20150926172116-812a484cc733 // indirect
|
||||
github.com/leodido/go-urn v1.4.0 // indirect
|
||||
github.com/pkg/errors v0.9.1 // indirect
|
||||
github.com/pmezard/go-difflib v1.0.0 // indirect
|
||||
github.com/shopspring/decimal v1.4.0 // indirect
|
||||
golang.org/x/crypto v0.33.0 // indirect
|
||||
golang.org/x/crypto v0.36.0 // indirect
|
||||
golang.org/x/net v0.34.0 // indirect
|
||||
golang.org/x/sys v0.30.0 // indirect
|
||||
golang.org/x/text v0.22.0 // indirect
|
||||
golang.org/x/sys v0.31.0 // indirect
|
||||
golang.org/x/text v0.23.0 // indirect
|
||||
gopkg.in/yaml.v3 v3.0.1 // indirect
|
||||
)
|
||||
|
|
|
|||
16
go.sum
16
go.sum
|
|
@ -6,6 +6,8 @@ github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c
|
|||
github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
|
||||
github.com/gabriel-vasile/mimetype v1.4.8 h1:FfZ3gj38NjllZIeJAmMhr+qKL8Wu+nOoI3GqacKw1NM=
|
||||
github.com/gabriel-vasile/mimetype v1.4.8/go.mod h1:ByKUIKGjh1ODkGM1asKUbQZOLGrPjydw3hYPU2YU9t8=
|
||||
github.com/go-playground/assert/v2 v2.2.0 h1:JvknZsQTYeFEAhQwI4qEt9cyV5ONwRHC+lYKSsYSR8s=
|
||||
github.com/go-playground/assert/v2 v2.2.0/go.mod h1:VDjEfimB/XKnb+ZQfWdccd7VUvScMdVu0Titje2rxJ4=
|
||||
github.com/go-playground/locales v0.14.1 h1:EWaQ/wswjilfKLTECiXz7Rh+3BjFhfDFKv/oXslEjJA=
|
||||
github.com/go-playground/locales v0.14.1/go.mod h1:hxrqLVvrK65+Rwrd5Fc6F2O76J/NuW9t0sjnWqG1slY=
|
||||
github.com/go-playground/universal-translator v0.18.1 h1:Bcnm0ZwsGyWbCzImXv+pAJnYK9S473LQFuzCbDbfSFY=
|
||||
|
|
@ -32,6 +34,8 @@ github.com/lib/pq v1.10.9 h1:YXG7RB+JIjhP29X+OtkiDnYaXQwpS4JEWq7dtCCRUEw=
|
|||
github.com/lib/pq v1.10.9/go.mod h1:AlVN5x4E4T544tWzH6hKfbfQvm3HdbOxrmggDNAPY9o=
|
||||
github.com/magiconair/properties v1.8.9 h1:nWcCbLq1N2v/cpNsy5WvQ37Fb+YElfq20WJ/a8RkpQM=
|
||||
github.com/magiconair/properties v1.8.9/go.mod h1:Dhd985XPs7jluiymwWYZ0G4Z61jb3vdS329zhj2hYo0=
|
||||
github.com/matthewhartstonge/argon2 v1.2.0 h1:oHo0H92JcmG4q5Ax6MuwDHa6iuJPz97RLwSfqcrjsSY=
|
||||
github.com/matthewhartstonge/argon2 v1.2.0/go.mod h1:2zMl2u3Ooe9zkpeU61cmcAJ4vgMC3YfvRbKWnPg0wAU=
|
||||
github.com/mattn/go-sqlite3 v1.14.22 h1:2gZY6PC6kBnID23Tichd1K+Z0oS6nE/XwU+Vz/5o4kU=
|
||||
github.com/mattn/go-sqlite3 v1.14.22/go.mod h1:Uh1q+B4BYcTPb+yiD3kU8Ct7aC0hY9fxUwlHK0RXw+Y=
|
||||
github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4=
|
||||
|
|
@ -42,14 +46,14 @@ github.com/shopspring/decimal v1.4.0 h1:bxl37RwXBklmTi0C79JfXCEBD1cqqHt0bbgBAGFp
|
|||
github.com/shopspring/decimal v1.4.0/go.mod h1:gawqmDU56v4yIKSwfBSFip1HdCCXN8/+DMd9qYNcwME=
|
||||
github.com/stretchr/testify v1.10.0 h1:Xv5erBjTwe/5IxqUQTdXv5kgmIvbHo3QQyRwhJsOfJA=
|
||||
github.com/stretchr/testify v1.10.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY=
|
||||
golang.org/x/crypto v0.33.0 h1:IOBPskki6Lysi0lo9qQvbxiQ+FvsCC/YWOecCHAixus=
|
||||
golang.org/x/crypto v0.33.0/go.mod h1:bVdXmD7IV/4GdElGPozy6U7lWdRXA4qyRVGJV57uQ5M=
|
||||
golang.org/x/crypto v0.36.0 h1:AnAEvhDddvBdpY+uR+MyHmuZzzNqXSe/GvuDeob5L34=
|
||||
golang.org/x/crypto v0.36.0/go.mod h1:Y4J0ReaxCR1IMaabaSMugxJES1EpwhBHhv2bDHklZvc=
|
||||
golang.org/x/net v0.34.0 h1:Mb7Mrk043xzHgnRM88suvJFwzVrRfHEHJEl5/71CKw0=
|
||||
golang.org/x/net v0.34.0/go.mod h1:di0qlW3YNM5oh6GqDGQr92MyTozJPmybPK4Ev/Gm31k=
|
||||
golang.org/x/sys v0.30.0 h1:QjkSwP/36a20jFYWkSue1YwXzLmsV5Gfq7Eiy72C1uc=
|
||||
golang.org/x/sys v0.30.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
|
||||
golang.org/x/text v0.22.0 h1:bofq7m3/HAFvbF51jz3Q9wLg3jkvSPuiZu/pD1XwgtM=
|
||||
golang.org/x/text v0.22.0/go.mod h1:YRoo4H8PVmsu+E3Ou7cqLVH8oXWIHVoX0jqUWALQhfY=
|
||||
golang.org/x/sys v0.31.0 h1:ioabZlmFYtWhL+TRYpcnNlLwhyxaM9kWTDEmfnprqik=
|
||||
golang.org/x/sys v0.31.0/go.mod h1:BJP2sWEmIv4KK5OTEluFJCKSidICx8ciO85XgH3Ak8k=
|
||||
golang.org/x/text v0.23.0 h1:D71I7dUrlY+VX0gQShAThNGHFxZ13dGLBHQLVl1mJlY=
|
||||
golang.org/x/text v0.23.0/go.mod h1:/BLNzu4aZCJ1+kcD0DNRotWKage4q2rGVAg4o22unh4=
|
||||
gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM=
|
||||
gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
|
||||
gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
|
||||
|
|
|
|||
|
|
@ -19,7 +19,12 @@ func (s *Service) Login(login domain.AccountLogin) (*domain.Account, *core.HTTPE
|
|||
return nil, domain.ErrAccountNotFound
|
||||
}
|
||||
|
||||
if !core.ComparePassword(login.Password, account.Password) {
|
||||
ok, err := core.ComparePassword(login.Password, account.Password)
|
||||
if err != nil {
|
||||
return nil, domain.ErrBadPassword
|
||||
}
|
||||
|
||||
if !ok {
|
||||
return nil, domain.ErrBadPassword
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -1,12 +1,29 @@
|
|||
package core
|
||||
|
||||
import "golang.org/x/crypto/argon2"
|
||||
import (
|
||||
"github.com/matthewhartstonge/argon2"
|
||||
)
|
||||
|
||||
func HashPassword(password string) string {
|
||||
return string(argon2.IDKey([]byte(password), nil, 1, 64*1024, 4, 32))
|
||||
func HashPassword(password string) (string, error) {
|
||||
argon := instanceArgon2()
|
||||
|
||||
hash, err := argon.HashEncoded([]byte(password))
|
||||
if err != nil {
|
||||
return "", err
|
||||
}
|
||||
|
||||
return string(hash), nil
|
||||
}
|
||||
|
||||
func ComparePassword(password string, hash string) bool {
|
||||
hashedPassword := HashPassword(password)
|
||||
return hashedPassword == hash
|
||||
func ComparePassword(password string, hash string) (bool, error) {
|
||||
ok, err := argon2.VerifyEncoded([]byte(password), []byte(hash))
|
||||
if err != nil {
|
||||
return false, err
|
||||
}
|
||||
|
||||
return ok, nil
|
||||
}
|
||||
|
||||
func instanceArgon2() argon2.Config {
|
||||
return argon2.DefaultConfig()
|
||||
}
|
||||
|
|
|
|||
|
|
@ -8,14 +8,11 @@ import (
|
|||
|
||||
func TestHashPassword(t *testing.T) {
|
||||
password := "password"
|
||||
hashedPassword := HashPassword(password)
|
||||
assert.NotEmpty(t, hashedPassword)
|
||||
t.Log(hashedPassword)
|
||||
assert.Equal(t, hashedPassword, "LOLPASSWORD")
|
||||
}
|
||||
hashedPassword, err := HashPassword(password)
|
||||
|
||||
func TestComparePassword(t *testing.T) {
|
||||
password := "password"
|
||||
hashedPassword := HashPassword(password)
|
||||
assert.True(t, ComparePassword(password, hashedPassword))
|
||||
assert.NoError(t, err)
|
||||
|
||||
hashedOk, err := ComparePassword(password, hashedPassword)
|
||||
assert.NoError(t, err)
|
||||
assert.True(t, hashedOk)
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in a new issue