2gW94/3x-ui
1
0
Fork 0
mirror of https://github.com/MHSanaei/3x-ui.git synced 2025-12-18 05:04:40 +03:00
Code Issues Actions Packages Projects Releases Wiki Activity

feat: hashing user passwords
Some checks are pending
Build and Release 3X-UI / build (386) (push) Waiting to run
Details
Build and Release 3X-UI / build (amd64) (push) Waiting to run
Details
Build and Release 3X-UI / build (arm64) (push) Waiting to run
Details
Build and Release 3X-UI / build (armv5) (push) Waiting to run
Details
Build and Release 3X-UI / build (armv6) (push) Waiting to run
Details
Build and Release 3X-UI / build (armv7) (push) Waiting to run
Details
Build and Release 3X-UI / build (s390x) (push) Waiting to run
Details

Browse Source 
solves problems #2944, #2783
This commit is contained in:
Columbiysky
2025-05-03 12:27:53 +03:00
committed by GitHub
parent 3d54e33051
commit 85cbad3ef4
5 changed files with 101 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

29
web/service/user.go
View File

@@ -6,6 +6,7 @@ import (
"x-ui/database"
"x-ui/database/model"
"x-ui/logger"
"x-ui/util/crypto"
"gorm.io/gorm"
)
@@ -29,8 +30,9 @@ func (s *UserService) CheckUser(username string, password string, secret string)
db := database.GetDB()
user := &model.User{}
err := db.Model(model.User{}).
Where("username = ? and password = ? and login_secret = ?", username, password, secret).
Where("username = ? and login_secret = ?", username, secret).
First(user).
Error
if err == gorm.ErrRecordNotFound {
@@ -39,14 +41,25 @@ func (s *UserService) CheckUser(username string, password string, secret string)
logger.Warning("check user err:", err)
return nil
}
return user
if crypto.CheckPasswordHash(user.Password, password) {
return user
}
return nil
}
func (s *UserService) UpdateUser(id int, username string, password string) error {
db := database.GetDB()
hashedPassword, err := crypto.HashPasswordAsBcrypt(password)
if err != nil {
return err
}
return db.Model(model.User{}).
Where("id = ?", id).
Updates(map[string]any{"username": username, "password": password}).
Updates(map[string]any{"username": username, "password": hashedPassword}).
Error
}
@@ -100,17 +113,23 @@ func (s *UserService) UpdateFirstUser(username string, password string) error {
} else if password == "" {
return errors.New("password can not be empty")
}
hashedPassword, er := crypto.HashPasswordAsBcrypt(password)
if er != nil {
return er
}
db := database.GetDB()
user := &model.User{}
err := db.Model(model.User{}).First(user).Error
if database.IsNotFound(err) {
user.Username = username
user.Password = password
user.Password = hashedPassword
return db.Model(model.User{}).Create(user).Error
} else if err != nil {
return err
}
user.Username = username
user.Password = password
user.Password = hashedPassword
return db.Save(user).Error
}