save bytes

Azareal 2020-04-05 13:18:36 +10:00
parent 22af6f19cd
commit 709b0d5541
13 changed files with 91 additions and 91 deletions


@ -17,7 +17,7 @@ import (
"strings"
"github.com/Azareal/Gosora/common/gauth"
"github.com/Azareal/Gosora/query_gen"
qgen "github.com/Azareal/Gosora/query_gen"
//"golang.org/x/crypto/argon2"
"golang.org/x/crypto/bcrypt"
@ -66,16 +66,16 @@ var HashPrefixes = map[string]string{
// AuthInt is the main authentication interface.
type AuthInt interface {
Authenticate(username string, password string) (uid int, err error, requiresExtraAuth bool)
Authenticate(name, password string) (uid int, err error, requiresExtraAuth bool)
ValidateMFAToken(mfaToken string, uid int) error
Logout(w http.ResponseWriter, uid int)
ForceLogout(uid int) error
SetCookies(w http.ResponseWriter, uid int, session string)
SetProvisionalCookies(w http.ResponseWriter, uid int, session string, signedSession string) // To avoid logging someone in until they've passed the MFA check
SetProvisionalCookies(w http.ResponseWriter, uid int, session, signedSession string) // To avoid logging someone in until they've passed the MFA check
GetCookies(r *http.Request) (uid int, session string, err error)
SessionCheck(w http.ResponseWriter, r *http.Request) (user *User, halt bool)
SessionCheck(w http.ResponseWriter, r *http.Request) (u *User, halt bool)
CreateSession(uid int) (session string, err error)
CreateProvisionalSession(uid int) (provSession string, signedSession string, err error) // To avoid logging someone in until they've passed the MFA check
CreateProvisionalSession(uid int) (provSession, signedSession string, err error) // To avoid logging someone in until they've passed the MFA check
}
// DefaultAuth is the default authenticator used by Gosora, may be swapped with an alternate authenticator in some situations. E.g. To support LDAP.
@ -98,9 +98,9 @@ func NewDefaultAuth() (*DefaultAuth, error) {
// Authenticate checks if a specific username and password is valid and returns the UID for the corresponding user, if so. Otherwise, a user safe error.
// IF MFA is enabled, then pass it back a flag telling the caller that authentication isn't complete yet
// TODO: Find a better way of handling errors we don't want to reach the user
func (auth *DefaultAuth) Authenticate(username string, password string) (uid int, err error, requiresExtraAuth bool) {
func (auth *DefaultAuth) Authenticate(name string, password string) (uid int, err error, requiresExtraAuth bool) {
var realPassword, salt string
err = auth.login.QueryRow(username).Scan(&uid, &realPassword, &salt)
err = auth.login.QueryRow(name).Scan(&uid, &realPassword, &salt)
if err == ErrNoRows {
return 0, ErrNoUserByName, false
} else if err != nil {
@ -295,7 +295,7 @@ func (auth *DefaultAuth) CreateProvisionalSession(uid int) (provSession string,
return provSession, hex.EncodeToString(h.Sum(nil)), nil
}
func CheckPassword(realPassword string, password string, salt string) (err error) {
func CheckPassword(realPassword, password, salt string) (err error) {
blasted := strings.Split(realPassword, "$")
prefix := blasted[0]
if len(blasted) > 1 {
@ -309,7 +309,7 @@ func CheckPassword(realPassword string, password string, salt string) (err error
return checker(realPassword, password, salt)
}
func GeneratePassword(password string) (hash string, salt string, err error) {
func GeneratePassword(password string) (hash, salt string, err error) {
gen, ok := GeneratePasswordFuncs[DefaultHashAlgo]
if !ok {
return "", "", ErrHashNotExist
@ -317,12 +317,12 @@ func GeneratePassword(password string) (hash string, salt string, err error) {
return gen(password)
}
func BcryptCheckPassword(realPassword string, password string, salt string) (err error) {
func BcryptCheckPassword(realPassword, password, salt string) (err error) {
return bcrypt.CompareHashAndPassword([]byte(realPassword), []byte(password+salt))
}
// Note: The salt is in the hash, therefore the salt parameter is blank
func BcryptGeneratePassword(password string) (hash string, salt string, err error) {
func BcryptGeneratePassword(password string) (hash, salt string, err error) {
hashedPassword, err := bcrypt.GenerateFromPassword([]byte(password), bcrypt.DefaultCost)
if err != nil {
return "", "", err
@ -337,7 +337,7 @@ func BcryptGeneratePassword(password string) (hash string, salt string, err erro
argon2KeyLen uint32 = 32
)
func Argon2CheckPassword(realPassword string, password string, salt string) (err error) {
func Argon2CheckPassword(realPassword, password, salt string) (err error) {
split := strings.Split(realPassword, "$")
// TODO: Better validation
if len(split) < 5 {
@ -355,7 +355,7 @@ func Argon2CheckPassword(realPassword string, password string, salt string) (err
return nil
}
func Argon2GeneratePassword(password string) (hash string, salt string, err error) {
func Argon2GeneratePassword(password string) (hash, salt string, err error) {
sbytes := make([]byte, SaltLength)
_, err = rand.Read(sbytes)
if err != nil {
@ -380,7 +380,7 @@ func FriendlyGAuthSecret(secret string) (out string) {
func GenerateGAuthSecret() (string, error) {
return GenerateStd32SafeString(14)
}
func VerifyGAuthToken(secret string, token string) (bool, error) {
func VerifyGAuthToken(secret, token string) (bool, error) {
trueToken, err := gauth.GetTOTPToken(secret)
return subtle.ConstantTimeCompare([]byte(trueToken), []byte(token)) == 1, err
}
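Review bot: VerifyGAuthToken, in the last hunk of this file, runs the comparison before it looks at the error from `gauth.GetTOTPToken`, so on failure it can return a boolean together with a non-nil error. `subtle.ConstantTimeCompare` returns 1 for two empty slices, so if `trueToken` comes back empty on failure (likely, though gauth is not visible here), an empty `token` would produce `true, err`, and a caller that tests the boolean first would accept it. Checking the error first closes this: add `if err != nil { return false, err }` ahead of the return line. Separately, the `DefaultAuth.Authenticate` implementation still reads `name string, password string` while the interface line was shortened to `name, password string`.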


@ -8,7 +8,7 @@ for(let i = 0; item = items[i]; i++) menuItems[i] = item.getAttribute("data-miid
Sortable.create(document.getElementById("panel_menu_item_holder"), {
sort: true,
onEnd: (evt) => {
onEnd: evt => {
console.log("pre menuItems",menuItems)
console.log("evt",evt)
let oldMiid = menuItems[evt.newIndex];
@ -37,8 +37,8 @@ document.getElementById("panel_menu_items_order_button").addEventListener("click
pushNotice(phraseBox["panel"]["panel.themes_menus_items_order_updated"]);
if(resp.success==1) return;
}
} catch(ex) {
console.error("ex", ex)
} catch(e) {
console.error("e",e)
}
console.trace();
}


@ -13,7 +13,7 @@
<div class="rowblock topic_reply_form quick_create_form"aria-label="{{lang "topic.reply_aria"}}">
<form id="quick_post_form"enctype="multipart/form-data"action="/reply/create/?s={{.CurrentUser.Session}}"method="post"></form>
<input form="quick_post_form"name="tid"value='{{.Topic.ID}}'type="hidden">
<input form="quick_post_form" id="has_poll_input" name="has_poll" value=0 type="hidden">
<input form="quick_post_form"id="has_poll_input"name="has_poll"type="hidden"value=0>
<div class="formrow real_first_child">
<div class="formitem">
<textarea id="input_content"form="quick_post_form"name="content"placeholder="{{lang "topic.reply_content_alt"}}" required></textarea>
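Review bot: The form line in this hunk places `{{.CurrentUser.Session}}` in the `action` query string (`/reply/create/?s=…`). If that value is the login session identifier, it ends up in server and proxy access logs, browser history and possibly `Referer` headers. The commit only tightens attribute spacing and leaves this unchanged. A token derived from the session rather than the session value itself, sent as a hidden field in the POST body next to `tid`, would keep the request-forgery check without exposing the cookie value. The handler is not visible here, so this would need a matching server-side change.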


@ -1,6 +1,6 @@
{{template "header.html" . }}
<main id="topicsItemList" itemscope itemtype="http://schema.org/ItemList">
{{if not .CurrentUser.Loggedin}}<link rel="canonical"href="//{{.Site.URL}}/topics/{{if eq .Sort.SortBy "mostviewed"}}most-viewed/{{end}}{{if gt .Page 1}}?page={{.Page}}{{end}}"/>{{end}}
{{if not .CurrentUser.Loggedin}}<link rel="canonical"href="//{{.Site.URL}}/topics/{{if eq .Sort.SortBy "mostviewed"}}most-viewed/{{end}}{{if gt .Page 1}}?page={{.Page}}{{end}}">{{end}}
<div class="rowblock rowhead topic_list_title_block{{if .CurrentUser.Loggedin}} has_opt{{end}}">
<div class="rowitem topic_list_title"><h1 itemprop="name">{{.Title}}</h1></div>
@ -59,7 +59,7 @@
<div class="topic_meta">
<div class="formrow topic_board_row real_first_child">
<div class="formitem"><select form="quick_post_form" id="topic_board_input" name="board">
{{range .ForumList}}<option{{if eq .ID $.DefaultForum}} selected{{end}} value="{{.ID}}">{{.Name}}</option>{{end}}
{{range .ForumList}}<option value="{{.ID}}"{{if eq .ID $.DefaultForum}}selected{{end}}>{{.Name}}</option>{{end}}
</select></div>
</div>
<div class="formrow topic_name_row">