mirror of
https://github.com/NginxProxyManager/nginx-proxy-manager.git
synced 2025-10-31 15:53:33 +00:00
99 lines
2.3 KiB
Go
99 lines
2.3 KiB
Go
package auth
|
|
|
|
import (
|
|
goerrors "errors"
|
|
"fmt"
|
|
"time"
|
|
|
|
"npm/internal/database"
|
|
"npm/internal/types"
|
|
|
|
"golang.org/x/crypto/bcrypt"
|
|
)
|
|
|
|
const (
|
|
tableName = "auth"
|
|
|
|
// TypePassword is the Password Type
|
|
TypePassword = "password"
|
|
)
|
|
|
|
// Model is the user model
|
|
type Model struct {
|
|
ID int `json:"id" db:"id"`
|
|
UserID int `json:"user_id" db:"user_id"`
|
|
Type string `json:"type" db:"type"`
|
|
Secret string `json:"secret,omitempty" db:"secret"`
|
|
CreatedOn types.DBDate `json:"created_on" db:"created_on"`
|
|
ModifiedOn types.DBDate `json:"modified_on" db:"modified_on"`
|
|
IsDeleted bool `json:"is_deleted,omitempty" db:"is_deleted"`
|
|
}
|
|
|
|
func (m *Model) getByQuery(query string, params []interface{}) error {
|
|
return database.GetByQuery(m, query, params)
|
|
}
|
|
|
|
// LoadByID will load from an ID
|
|
func (m *Model) LoadByID(id int) error {
|
|
query := fmt.Sprintf("SELECT * FROM `%s` WHERE id = ? LIMIT 1", tableName)
|
|
params := []interface{}{id}
|
|
return m.getByQuery(query, params)
|
|
}
|
|
|
|
// LoadByUserIDType will load from an ID
|
|
func (m *Model) LoadByUserIDType(userID int, authType string) error {
|
|
query := fmt.Sprintf("SELECT * FROM `%s` WHERE user_id = ? AND type = ? LIMIT 1", tableName)
|
|
params := []interface{}{userID, authType}
|
|
return m.getByQuery(query, params)
|
|
}
|
|
|
|
// Touch will update model's timestamp(s)
|
|
func (m *Model) Touch(created bool) {
|
|
var d types.DBDate
|
|
d.Time = time.Now()
|
|
if created {
|
|
m.CreatedOn = d
|
|
}
|
|
m.ModifiedOn = d
|
|
}
|
|
|
|
// Save will save this model to the DB
|
|
func (m *Model) Save() error {
|
|
var err error
|
|
|
|
if m.ID == 0 {
|
|
m.ID, err = Create(m)
|
|
} else {
|
|
err = Update(m)
|
|
}
|
|
|
|
return err
|
|
}
|
|
|
|
// SetPassword will generate a hashed password based on given string
|
|
func (m *Model) SetPassword(password string) error {
|
|
hash, err := bcrypt.GenerateFromPassword([]byte(password), bcrypt.MinCost+2)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
m.Type = TypePassword
|
|
m.Secret = string(hash)
|
|
|
|
return nil
|
|
}
|
|
|
|
// ValidateSecret will check if a given secret matches the encrypted secret
|
|
func (m *Model) ValidateSecret(secret string) error {
|
|
if m.Type != TypePassword {
|
|
return goerrors.New("Could not validate Secret, auth type is not a Password")
|
|
}
|
|
|
|
err := bcrypt.CompareHashAndPassword([]byte(m.Secret), []byte(secret))
|
|
if err != nil {
|
|
return goerrors.New("Invalid Password")
|
|
}
|
|
|
|
return nil
|
|
}
|