fix: password validation and auth and minor tweaks in code. removing …

…fmt.Println statements.
puni9869 · May 21, 2024 · 47fedca · 47fedca
1 parent 9abb8bc
commit 47fedca
Show file tree

Hide file tree

Showing 5 changed files with 16 additions and 11 deletions.
diff --git a/cmd/command/version.go b/cmd/command/version.go
@@ -16,7 +16,7 @@ var Version = cli.Command{
 const version = "v1.0"
 
 // versionAction prints the current version
-func versionAction(ctx *cli.Context) error {
+func versionAction(_ *cli.Context) error {
 	fmt.Println(version)
 	return nil
 }
diff --git a/config/local.json b/config/local.json
@@ -20,7 +20,7 @@
     "postgres": {
       "type": "postgres",
       "host": "127.0.0.1",
-      "username": "punitinani",
+      "username": "puni9869",
       "password": "",
       "port": "5432",
       "databaseName": "pinmyblogs",

diff --git a/models/session.go b/models/session.go
@@ -1,9 +1,16 @@
 package models
 
-import "gorm.io/gorm"
+import (
+	"time"
+
+	"gorm.io/gorm"
+)
 
 // Session is gorm sessionstore shadow  to properly delete the session
 type Session struct {
-	gorm.Model
-	data string //lint:ignore U1000 Ignore unused function temporarily for debugging
+	ID        string `gorm:"primarykey;size:65"`
+	CreatedAt time.Time
+	UpdatedAt time.Time
+	DeletedAt gorm.DeletedAt `gorm:"index"`
+	data      string         //lint:ignore U1000 Ignore unused function temporarily for debugging
 }
diff --git a/pkg/config/config.go b/pkg/config/config.go
@@ -2,7 +2,6 @@ package config
 
 import (
 	"errors"
-	"fmt"
 
 	"github.com/spf13/viper"
 )
@@ -85,7 +84,6 @@ func LoadConfig(environment string) error {
 		return err
 	}
 	err = viper.Unmarshal(&C)
-	fmt.Println(C)
 	if err != nil {
 		return err
 	}

diff --git a/server/auth/login.go b/server/auth/login.go
@@ -4,6 +4,7 @@ import (
 	"crypto/sha256"
 	"fmt"
 	"net/http"
+	"strings"
 
 	"github.com/gin-contrib/sessions"
 	"github.com/gin-gonic/gin"
@@ -35,12 +36,11 @@ func LoginPost(c *gin.Context) {
 		c.Abort()
 		return
 	}
+
 	h := sha256.New()
-	h.Write([]byte(password))
 	bs := h.Sum(nil)
-	pas := fmt.Sprintf("%x", bs)
-	fmt.Println(pas)
-	if fmt.Sprintf("%x", bs) != user.Password {
+	pass := fmt.Sprintf("%x", bs)
+	if strings.Compare(pass, user.Password) != 0 {
 		log.WithField("email", email).WithError(result.Error).Error("Invalid password.")
 		c.HTML(http.StatusUnauthorized, "login.tmpl", gin.H{"HasError": true, "Error": "Invalid email or password"})
 		c.Abort()