git.r.bdr.sh - rbdr/mobius/blame_incremental

... / ...

Commit	Line	Data
	1	package hotline
	2
	3	import (
	4	"encoding/binary"
	5	"fmt"
	6	"golang.org/x/crypto/bcrypt"
	7	"io"
	8	"slices"
	9	)
	10
	11	const GuestAccount = "guest" // default account used when no login is provided for a connection
	12
	13	type Account struct {
	14	Login string `yaml:"Login"`
	15	Name string `yaml:"Name"`
	16	Password string `yaml:"Password"`
	17	Access accessBitmap `yaml:"Access,flow"`
	18
	19	readOffset int // Internal offset to track read progress
	20	}
	21
	22	func NewAccount(login, name, password string, access accessBitmap) *Account {
	23	return &Account{
	24	Login: login,
	25	Name: name,
	26	Password: hashAndSalt([]byte(password)),
	27	Access: access,
	28	}
	29	}
	30
	31	// Read implements io.Reader interface for Account
	32	func (a *Account) Read(p []byte) (int, error) {
	33	fields := []Field{
	34	NewField(FieldUserName, []byte(a.Name)),
	35	NewField(FieldUserLogin, encodeString([]byte(a.Login))),
	36	NewField(FieldUserAccess, a.Access[:]),
	37	}
	38
	39	if bcrypt.CompareHashAndPassword([]byte(a.Password), []byte("")) != nil {
	40	fields = append(fields, NewField(FieldUserPassword, []byte("x")))
	41	}
	42
	43	fieldCount := make([]byte, 2)
	44	binary.BigEndian.PutUint16(fieldCount, uint16(len(fields)))
	45
	46	var fieldBytes []byte
	47	for _, field := range fields {
	48	b, err := io.ReadAll(&field)
	49	if err != nil {
	50	return 0, fmt.Errorf("error reading field: %w", err)
	51	}
	52	fieldBytes = append(fieldBytes, b...)
	53	}
	54
	55	buf := slices.Concat(fieldCount, fieldBytes)
	56	if a.readOffset >= len(buf) {
	57	return 0, io.EOF // All bytes have been read
	58	}
	59
	60	n := copy(p, buf[a.readOffset:])
	61	a.readOffset += n
	62
	63	return n, nil
	64	}
	65
	66	// hashAndSalt generates a password hash from a users obfuscated plaintext password
	67	func hashAndSalt(pwd []byte) string {
	68	hash, _ := bcrypt.GenerateFromPassword(pwd, bcrypt.MinCost)
	69
	70	return string(hash)
	71	}