move setting pwd & comparing into user model + tests

2018-08-01 13:13:42 +02:00 · 2018-08-01 13:13:42 +02:00 · 33ffa557ee
parent 4ecaff85ac
commit 33ffa557ee
4 changed files with 56 additions and 11 deletions
--- a/cmd/fathom/register.go
+++ b/cmd/fathom/register.go
@ -7,7 +7,6 @@ import (
 	log "github.com/sirupsen/logrus"
 	"github.com/urfave/cli"
 	"github.com/usefathom/fathom/pkg/models"
-	"golang.org/x/crypto/bcrypt"
 )

 var registerCmd = cli.Command{
@ -30,7 +29,7 @@ var registerCmd = cli.Command{
 func register(c *cli.Context) error {
 	email := c.String("email")
 	if email == "" {
-		return errors.New("Invalid arguments: missing email address")
+		return errors.New("Invalid arguments: missing email")
 	}

 	password := c.String("password")
@ -38,12 +37,8 @@ func register(c *cli.Context) error {
 		return errors.New("Invalid arguments: missing password")
 	}

-	hash, _ := bcrypt.GenerateFromPassword([]byte(password), 10)
-	user := &models.User{
-		Email:    email,
-		Password: string(hash),
-	}
-	err := app.database.SaveUser(user)
+	user := models.NewUser(email, password)
+	err := app.database.SaveUser(&user)

 	if err != nil {
 		return fmt.Errorf("Error creating user: %s", err)
--- a/pkg/api/auth.go
+++ b/pkg/api/auth.go
@ -6,7 +6,6 @@ import (
 	"net/http"

 	"github.com/usefathom/fathom/pkg/datastore"
-	"golang.org/x/crypto/bcrypt"
 )

 type key int
@ -24,7 +23,10 @@ type login struct {
 func (api *API) LoginHandler(w http.ResponseWriter, r *http.Request) error {
 	// check login creds
 	var l login
-	json.NewDecoder(r.Body).Decode(&l)
+	err := json.NewDecoder(r.Body).Decode(&l)
+	if err != nil {
+		return err
+	}

 	// find user with given email
 	u, err := api.database.GetUserByEmail(l.Email)
@ -33,7 +35,7 @@ func (api *API) LoginHandler(w http.ResponseWriter, r *http.Request) error {
 	}

 	// compare pwd
-	if err == datastore.ErrNoResults || bcrypt.CompareHashAndPassword([]byte(u.Password), []byte(l.Password)) != nil {
+	if err == datastore.ErrNoResults || u.ComparePassword(l.Password) != nil {
 		w.WriteHeader(http.StatusUnauthorized)
 		return respond(w, envelope{Error: "invalid_credentials"})
 	}
--- a/pkg/models/user.go
+++ b/pkg/models/user.go
@ -1,7 +1,28 @@
 package models

+import (
+	"golang.org/x/crypto/bcrypt"
+)
+
 type User struct {
 	ID       int64
 	Email    string
 	Password string `json:"-"`
 }
+
+func NewUser(e string, pwd string) User {
+	u := User{
+		Email: e,
+	}
+	u.SetPassword(pwd)
+	return u
+}
+
+func (u *User) SetPassword(pwd string) {
+	hash, _ := bcrypt.GenerateFromPassword([]byte(pwd), bcrypt.DefaultCost)
+	u.Password = string(hash)
+}
+
+func (u *User) ComparePassword(pwd string) error {
+	return bcrypt.CompareHashAndPassword([]byte(u.Password), []byte(pwd))
+}
--- a/pkg/models/user_test.go
+++ b/pkg/models/user_test.go
@ -0,0 +1,27 @@
+package models
+
+import (
+	"testing"
+)
+
+func TestNewUser(t *testing.T) {
+	email := "foo@bar.com"
+	pwd := "passw0rd01"
+	u := NewUser(email, pwd)
+
+	if u.Email != email {
+		t.Errorf("Email: expected %s, got %s", email, u.Email)
+	}
+
+	if u.ComparePassword(pwd) != nil {
+		t.Error("Password not set correctly")
+	}
+}
+
+func TestUserPassword(t *testing.T) {
+	u := &User{}
+	u.SetPassword("password")
+	if u.ComparePassword("password") != nil {
+		t.Errorf("Password should match, but does not")
+	}
+}