refact(auth): login password with encode

ArtisanCloud · Oct 23, 2024 · 1fcb974 · 1fcb974
1 parent e9ebb3d
commit 1fcb974
Show file tree

Hide file tree

Showing 3 changed files with 11 additions and 4 deletions.
diff --git a/internal/logic/web/customer/auth/loginlogic.go b/internal/logic/web/customer/auth/loginlogic.go
@@ -38,8 +38,6 @@ func (l *LoginLogic) Login(req *types.CustomerLoginRequest) (resp *types.Custome
 		return nil, errorx.WithCause(errorx.ErrBadRequest, "密码为空")
 	}
 
-	//hashPassword = securityx.HashPassword()
-
 	if !securityx.CheckPassword(customer.Password, req.Password) {
 		return nil, errorx.WithCause(errorx.ErrBadRequest, "密码不正确")
 	}

diff --git a/internal/model/organization/user.go b/internal/model/organization/user.go
@@ -3,6 +3,7 @@ package organization
 import (
 	"PowerX/internal/model"
 	"PowerX/internal/model/powermodel"
+	"PowerX/pkg/securityx"
 	"github.com/pkg/errors"
 	"golang.org/x/crypto/bcrypt"
 	"gorm.io/gorm"
@@ -49,6 +50,9 @@ func (mdl *User) GetTableName(needFull bool) string {
 
 func (mdl *User) HashPassword() (err error) {
 	if mdl.Password != "" {
+		// 先encode一下plain的密码
+		mdl.Password = securityx.EncodePassword(mdl.Password)
+		// hash编码过的密码
 		mdl.Password, err = HashPassword(mdl.Password)
 	}
 	return nil

diff --git a/internal/model/organization/user_test.go b/internal/model/organization/user_test.go
@@ -2,15 +2,20 @@ package organization
 
 import (
 	fmt "PowerX/pkg/printx"
+	"PowerX/pkg/securityx"
 	"github.com/stretchr/testify/assert"
 	"testing"
 )
 
 func Test_HashPassword(t *testing.T) {
 	pwd := "root"
-	encodedPassword, _ := HashPassword(pwd)
+	encodedPassword := securityx.EncodePassword(pwd)
 	fmt.Dump(encodedPassword)
 
-	result := VerifyPassword("$2a$04$G68CjMtt1qCkD9.heW.d4ul7uER7SZIGP3gQJJzHgir4pJW1Mksre", pwd)
+	hashedPassword, _ := HashPassword(pwd)
+	fmt.Dump(hashedPassword)
+
+	//result := VerifyPassword("$2a$04$G68CjMtt1qCkD9.heW.d4ul7uER7SZIGP3gQJJzHgir4pJW1Mksre", pwd)
+	result := VerifyPassword("$2a$04$j.nXwFJhAhr/oMebW42/H.EOFs8Hke8AZ2Lr3u/0b0vWZWuTVsEYC", encodedPassword)
 	assert.EqualValues(t, true, result)
 }