Главная Обзор Помощь
Вход
mirrors
/
ntfy
зеркало из https://github.com/binwiederhier/ntfy
1
0
Ответвить 0
Файлы Задачи 0 Вики
Дерево: eac523dcf9
Ветки Метки
ntfy
/
user
/
util.go

util.go 2.4 KB
История Исходник

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273 
  1. package user
    2. 

  2. 

  3. import (
    4. 

  4. 	"golang.org/x/crypto/bcrypt"
    5. 

  5. 	"heckel.io/ntfy/v2/util"
    6. 

  6. 	"regexp"
    7. 

  7. 	"strings"
    8. 

  8. )
    9. 

  9. 

  10. var (
    11. 

  11. 	allowedUsernameRegex     = regexp.MustCompile(`^[-_.+@a-zA-Z0-9]+$`)    // Does not include Everyone (*)
    12. 

  12. 	allowedTopicRegex        = regexp.MustCompile(`^[-_A-Za-z0-9]{1,64}$`)  // No '*'
    13. 

  13. 	allowedTopicPatternRegex = regexp.MustCompile(`^[-_*A-Za-z0-9]{1,64}$`) // Adds '*' for wildcards!
    14. 

  14. 	allowedTierRegex         = regexp.MustCompile(`^[-_A-Za-z0-9]{1,64}$`)
    15. 

  15. 	allowedTokenRegex        = regexp.MustCompile(`^tk_[-_A-Za-z0-9]{29}$`) // Must be tokenLength-len(tokenPrefix)
    16. 

  16. )
    17. 

  17. 

  18. // AllowedRole returns true if the given role can be used for new users
    19. 

  19. func AllowedRole(role Role) bool {
    20. 

  20. 	return role == RoleUser || role == RoleAdmin
    21. 

  21. }
    22. 

  22. 

  23. // AllowedUsername returns true if the given username is valid
    24. 

  24. func AllowedUsername(username string) bool {
    25. 

  25. 	return allowedUsernameRegex.MatchString(username)
    26. 

  26. }
    27. 

  27. 

  28. // AllowedTopic returns true if the given topic name is valid
    29. 

  29. func AllowedTopic(topic string) bool {
    30. 

  30. 	return allowedTopicRegex.MatchString(topic)
    31. 

  31. }
    32. 

  32. 

  33. // AllowedTopicPattern returns true if the given topic pattern is valid; this includes the wildcard character (*)
    34. 

  34. func AllowedTopicPattern(topic string) bool {
    35. 

  35. 	return allowedTopicPatternRegex.MatchString(topic)
    36. 

  36. }
    37. 

  37. 

  38. // AllowedTier returns true if the given tier name is valid
    39. 

  39. func AllowedTier(tier string) bool {
    40. 

  40. 	return allowedTierRegex.MatchString(tier)
    41. 

  41. }
    42. 

  42. 

  43. // ValidPasswordHash checks if the given password hash is a valid bcrypt hash
    44. 

  44. func ValidPasswordHash(hash string) error {
    45. 

  45. 	if !strings.HasPrefix(hash, "$2a$") && !strings.HasPrefix(hash, "$2b$") && !strings.HasPrefix(hash, "$2y$") {
    46. 

  46. 		return ErrPasswordHashInvalid
    47. 

  47. 	}
    48. 

  48. 	return nil
    49. 

  49. }
    50. 

  50. 

  51. // ValidToken returns true if the given token matches the naming convention
    52. 

  52. func ValidToken(token string) bool {
    53. 

  53. 	return allowedTokenRegex.MatchString(token)
    54. 

  54. }
    55. 

  55. 

  56. // GenerateToken generates a new token with a prefix and a fixed length
    57. 

  57. // Lowercase only to support "<topic>+<token>@<domain>" email addresses
    58. 

  58. func GenerateToken() string {
    59. 

  59. 	return util.RandomLowerStringPrefix(tokenPrefix, tokenLength)
    60. 

  60. }
    61. 

  61. 

  62. // HashPassword hashes the given password using bcrypt with the configured cost
    63. 

  63. func HashPassword(password string) (string, error) {
    64. 

  64. 	return hashPassword(password, DefaultUserPasswordBcryptCost)
    65. 

  65. }
    66. 

  66. 

  67. func hashPassword(password string, cost int) (string, error) {
    68. 

  68. 	hash, err := bcrypt.GenerateFromPassword([]byte(password), cost)
    69. 

  69. 	if err != nil {
    70. 

  70. 		return "", err
    71. 

  71. 	}
    72. 

  72. 	return string(hash), nil
    73. 

  73. }
    74.