dkforest

A forum and chat platform (onion)
git clone https://git.dasho.dev/n0tr1v/dkforest.git
Log | Files | Refs | LICENSE
commit 1267e0c115d19aa8f064b9ab356cf38b532ff275
parent 260c82b46c4a1d9b637fd0dae509d132bb837b7b
Author: n0tr1v <n0tr1v@protonmail.com>
Date:   Wed, 11 Jan 2023 11:00:21 -0800

cleanup

Diffstat:

Mpkg/database/tableChatRooms.go | 6+++++-


Mpkg/database/tableGists.go | 10++++++++++


Mpkg/web/handlers/admin.go | 4++--


Mpkg/web/handlers/handlers.go | 2+-


4 files changed, 18 insertions(+), 4 deletions(-)

diff --git a/pkg/database/tableChatRooms.go b/pkg/database/tableChatRooms.go
@@ -52,7 +52,11 @@ func GetRoomDecryptionKey(password string) string {
 }
 
 func getRoomSaltedPasswordBytes(password string) []byte {
-	return []byte(config.RoomPasswordSalt + password)
+	return getSaltedPasswordBytes(config.RoomPasswordSalt, password)
+}
+
+func getSaltedPasswordBytes(salt, password string) []byte {
+	return []byte(salt + password)
 }
 
 // IsOwned returns either or not a user created the room
diff --git a/pkg/database/tableGists.go b/pkg/database/tableGists.go
@@ -1,6 +1,8 @@
 package database
 
 import (
+	"dkforest/pkg/config"
+	"dkforest/pkg/utils"
 	"time"
 
 	hutils "dkforest/pkg/web/handlers/utils"
@@ -24,6 +26,14 @@ func GetGistByUUID(uuid string) (out Gist, err error) {
 	return
 }
 
+func GetGistPasswordHash(password string) string {
+	return utils.Sha512(getGistSaltedPasswordBytes(password))
+}
+
+func getGistSaltedPasswordBytes(password string) []byte {
+	return getSaltedPasswordBytes(config.GistPasswordSalt, password)
+}
+
 func (g *Gist) HasAccess(c echo.Context) bool {
 	if g.Password == "" {
 		return true
diff --git a/pkg/web/handlers/admin.go b/pkg/web/handlers/admin.go
@@ -34,7 +34,7 @@ func AdminNewGistHandler(c echo.Context) error {
 		}
 		passwordHash := ""
 		if data.Password != "" {
-			passwordHash = utils.Sha512([]byte(config.GistPasswordSalt + data.Password))
+			passwordHash = database.GetGistPasswordHash(data.Password)
 		}
 		gist := database.Gist{Name: data.Name, Password: passwordHash, UserID: authUser.ID, Content: data.Content}
 		gist.UUID = uuid.New().String()
@@ -76,7 +76,7 @@ func AdminEditGistHandler(c echo.Context) error {
 		}
 		passwordHash := ""
 		if data.Password != "" && data.Password != "*****" {
-			passwordHash = utils.Sha512([]byte(config.GistPasswordSalt + data.Password))
+			passwordHash = database.GetGistPasswordHash(data.Password)
 			gist.Password = passwordHash
 		}
 		gist.Name = data.Name
diff --git a/pkg/web/handlers/handlers.go b/pkg/web/handlers/handlers.go
@@ -1720,7 +1720,7 @@ func GistHandler(c echo.Context) error {
 		}
 
 		password := c.Request().PostFormValue("password")
-		hashedPassword := utils.Sha512([]byte(config.GistPasswordSalt + password))
+		hashedPassword := database.GetGistPasswordHash(password)
 		if hashedPassword != gist.Password {
 			data.Error = "Invalid password"
 			return c.Render(http.StatusOK, "gist-password", data)