forked from Deuxfleurs/guichet
Use Argon2 hash function
This commit is contained in:
parent
193e28cf00
commit
e1b5980f27
5 changed files with 14 additions and 9 deletions
1
go.mod
1
go.mod
|
@ -10,4 +10,5 @@ require (
|
|||
github.com/gorilla/mux v1.7.3
|
||||
github.com/gorilla/sessions v1.2.0
|
||||
github.com/sirupsen/logrus v1.4.2
|
||||
golang.org/x/crypto v0.0.0-20200214034016-1d94cc7ab1c6
|
||||
)
|
||||
|
|
7
go.sum
7
go.sum
|
@ -23,5 +23,12 @@ github.com/sirupsen/logrus v1.4.2 h1:SPIRibHv4MatM3XXNO2BJeFLZwZ2LvZgfQ5+UNI2im4
|
|||
github.com/sirupsen/logrus v1.4.2/go.mod h1:tLMulIdttU9McNUspp0xgXVQah82FyeX6MwdIuYE2rE=
|
||||
github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
|
||||
github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs=
|
||||
golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
|
||||
golang.org/x/crypto v0.0.0-20200214034016-1d94cc7ab1c6 h1:Sy5bstxEqwwbYs6n0/pBuxKENqOeZUgD45Gp3Q3pqLg=
|
||||
golang.org/x/crypto v0.0.0-20200214034016-1d94cc7ab1c6/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
|
||||
golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
|
||||
golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
|
||||
golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||
golang.org/x/sys v0.0.0-20190422165155-953cdadca894 h1:Cz4ceDQGXuKRnVBDTS23GTn/pU5OE2C0WrNTOYK1Uuc=
|
||||
golang.org/x/sys v0.0.0-20190422165155-953cdadca894/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||
golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
|
||||
|
|
|
@ -12,7 +12,7 @@ job "guichet" {
|
|||
task "server" {
|
||||
driver = "docker"
|
||||
config {
|
||||
image = "lxpz/guichet_amd64:9"
|
||||
image = "lxpz/guichet_amd64:10"
|
||||
readonly_rootfs = true
|
||||
port_map {
|
||||
web_port = 9991
|
||||
|
|
|
@ -3,7 +3,6 @@ package main
|
|||
import (
|
||||
"bytes"
|
||||
"crypto/rand"
|
||||
"crypto/sha256"
|
||||
"encoding/binary"
|
||||
"encoding/hex"
|
||||
"fmt"
|
||||
|
@ -17,6 +16,7 @@ import (
|
|||
"github.com/emersion/go-smtp"
|
||||
"github.com/go-ldap/ldap/v3"
|
||||
"github.com/gorilla/mux"
|
||||
"golang.org/x/crypto/argon2"
|
||||
)
|
||||
|
||||
var EMAIL_REGEXP = regexp.MustCompile("^[a-zA-Z0-9.!#$%&'*+\\/=?^_`{|}~-]+@[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?(?:\\.[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?)*$")
|
||||
|
@ -332,8 +332,8 @@ func readCode(code string) (code_id string, code_pw string) {
|
|||
}
|
||||
}
|
||||
|
||||
id_hash := sha256.Sum256([]byte("Guichet ID " + code_digits))
|
||||
pw_hash := sha256.Sum256([]byte("Guichet PW " + code_digits))
|
||||
id_hash := argon2.IDKey([]byte(code_digits), []byte("Guichet ID"), 2, 64*1024, 4, 32)
|
||||
pw_hash := argon2.IDKey([]byte(code_digits), []byte("Guichet PW"), 2, 64*1024, 4, 32)
|
||||
|
||||
code_id = hex.EncodeToString(id_hash[:8])
|
||||
code_pw = hex.EncodeToString(pw_hash[:16])
|
||||
|
|
|
@ -17,12 +17,9 @@
|
|||
Un code d'invitation a bien été envoyé à <code>{{ .CodeSentTo }}</code>.
|
||||
{{end}}
|
||||
{{if .CodeDisplay}}
|
||||
Le code généré est le suivant:
|
||||
Lien d'invitation :
|
||||
|
||||
<p style="text-align: center; font-size: 1.6em;" class="mt-4 mb-4">
|
||||
{{ .CodeDisplay }}
|
||||
</p>
|
||||
<p style="text-align: center" class="mt-4 mb-4">
|
||||
<p style="text-align: center; font-size: 1.4em" class="mt-4 mb-4">
|
||||
<a href="{{.WebBaseAddress}}/invitation/{{ .CodeDisplay }}">{{.WebBaseAddress}}/invitation/{{.CodeDisplay}}</a>
|
||||
</p>
|
||||
{{end}}
|
||||
|
|
Loading…
Reference in a new issue