From 0f3117c805df3f6c8b1c833dcd95c1b30a38032e Mon Sep 17 00:00:00 2001 From: yuli Date: Mon, 4 Aug 2025 13:19:35 +0300 Subject: [PATCH] rename dbobj.hash to dbobj.salt for clarity --- src/bunker.go | 2 +- src/conf.go | 2 +- src/service.go | 10 +++++----- src/users_db.go | 14 +++++++------- src/utils/utils.go | 4 ++-- src/xtokens_db.go | 6 +++--- 6 files changed, 19 insertions(+), 19 deletions(-) diff --git a/src/bunker.go b/src/bunker.go index 54ec4ff..876f8b8 100644 --- a/src/bunker.go +++ b/src/bunker.go @@ -30,7 +30,7 @@ var version string type dbcon struct { store storage.BackendDB masterKey []byte - hash []byte + salt []byte } // Config is u sed to store application configuration diff --git a/src/conf.go b/src/conf.go index ed7b459..7166336 100644 --- a/src/conf.go +++ b/src/conf.go @@ -72,6 +72,6 @@ func (dbobj dbcon) GlobalUserChangeEmail(oldEmail string, newEmail string) { } func (dbobj dbcon) GetCode() []byte { - code := dbobj.hash[4:12] + code := dbobj.salt[4:12] return code } diff --git a/src/service.go b/src/service.go index e5d18f6..6a01ca7 100644 --- a/src/service.go +++ b/src/service.go @@ -88,12 +88,12 @@ func loadService() { log.Printf("Filed to open db: %s", err) os.Exit(0) } - hash := md5.Sum(masterKey) - db := &dbcon{store, masterKey, hash[:]} + md5hash := md5.Sum(masterKey) + db := &dbcon{store, masterKey, md5hash[:]} e := mainEnv{db, cfg, make(chan struct{})} e.dbCleanup() initGeoIP() - initCaptcha(hash) + initCaptcha(md5hash) router := e.setupRouter() router = e.setupConfRouter(router) tlsConfig := &tls.Config{ @@ -180,7 +180,7 @@ func setupDB(dbPtr *string, masterKeyPtr *string, customRootToken string) (*dbco } log.Printf("Master key: %x\n", masterKey) } - hash := md5.Sum(masterKey) + md5hash := md5.Sum(masterKey) log.Println("Init database") store, err := storage.InitDB(dbPtr) for numAttempts := 60; err != nil && numAttempts > 0; numAttempts-- { @@ -193,7 +193,7 @@ func setupDB(dbPtr *string, masterKeyPtr *string, customRootToken string) (*dbco log.Fatalf("Databunker failed to init database, error %s\n\n", err.Error()) os.Exit(0) } - db := &dbcon{store, masterKey, hash[:]} + db := &dbcon{store, masterKey, md5hash[:]} rootToken, err := db.createRootXtoken(customRootToken) if err != nil { //log.Panic("error %s", err.Error()) diff --git a/src/users_db.go b/src/users_db.go index d7e8805..8796264 100644 --- a/src/users_db.go +++ b/src/users_db.go @@ -44,16 +44,16 @@ func (dbobj dbcon) createUserRecord(parsedData utils.UserJSONStruct, event *Audi // I use original md5(master_key) as a kind of salt here, // so no additional configuration field is needed here. if len(parsedData.LoginIdx) > 0 { - bdoc["loginidx"] = utils.HashString(dbobj.hash, parsedData.LoginIdx) + bdoc["loginidx"] = utils.HashString(dbobj.salt, parsedData.LoginIdx) } if len(parsedData.EmailIdx) > 0 { - bdoc["emailidx"] = utils.HashString(dbobj.hash, parsedData.EmailIdx) + bdoc["emailidx"] = utils.HashString(dbobj.salt, parsedData.EmailIdx) } if len(parsedData.PhoneIdx) > 0 { - bdoc["phoneidx"] = utils.HashString(dbobj.hash, parsedData.PhoneIdx) + bdoc["phoneidx"] = utils.HashString(dbobj.salt, parsedData.PhoneIdx) } if len(parsedData.CustomIdx) > 0 { - bdoc["customidx"] = utils.HashString(dbobj.hash, parsedData.CustomIdx) + bdoc["customidx"] = utils.HashString(dbobj.salt, parsedData.CustomIdx) } if event != nil { event.After = encodedStr @@ -235,7 +235,7 @@ func (dbobj dbcon) updateUserRecordDo(jsonDataPatch []byte, userTOKEN string, ol } if idxOldValue, ok := oldUserBson[idx+"idx"]; ok { if len(newIdxFinalValue) > 0 && len(idxOldValue.(string)) >= 0 { - idxStringHashHex := utils.HashString(dbobj.hash, newIdxFinalValue) + idxStringHashHex := utils.HashString(dbobj.salt, newIdxFinalValue) if idxStringHashHex == idxOldValue.(string) { //log.Println("Index value NOT changed!") actionCode = 0 @@ -255,7 +255,7 @@ func (dbobj dbcon) updateUserRecordDo(jsonDataPatch []byte, userTOKEN string, ol return nil, nil, true, fmt.Errorf("duplicate %s index", idx) } //log.Printf("Adding index3? %s\n", raw[idx]) - bdoc[idx+"idx"] = utils.HashString(dbobj.hash, newIdxFinalValue) + bdoc[idx+"idx"] = utils.HashString(dbobj.salt, newIdxFinalValue) } else if len(newIdxFinalValue) == 0 { bdel = append(bdel, idx+"idx") } @@ -314,7 +314,7 @@ func (dbobj dbcon) lookupUserRecordByIndex(indexName string, indexValue string, if indexName == "exptoken" { return dbobj.store.GetRecord(storage.TblName.Users, "exptoken", indexValue) } - idxStringHashHex := utils.HashString(dbobj.hash, indexValue) + idxStringHashHex := utils.HashString(dbobj.salt, indexValue) //log.Printf("Loading by %s, value: %s\n", indexName, indexValue) return dbobj.store.GetRecord(storage.TblName.Users, indexName+"idx", idxStringHashHex) } diff --git a/src/utils/utils.go b/src/utils/utils.go index dbb530e..64342d7 100644 --- a/src/utils/utils.go +++ b/src/utils/utils.go @@ -225,8 +225,8 @@ func GetArgEnvFileVariable(vname string, masterKeyPtr *string) string { return strings.TrimSpace(strvalue) } -func HashString(md5Salt []byte, src string) string { - stringToHash := append(md5Salt, []byte(src)...) +func HashString(salt []byte, src string) string { + stringToHash := append(salt, []byte(src)...) hashed := sha256.Sum256(stringToHash) return base64.StdEncoding.EncodeToString(hashed[:]) } diff --git a/src/xtokens_db.go b/src/xtokens_db.go index 3884385..96d84ac 100644 --- a/src/xtokens_db.go +++ b/src/xtokens_db.go @@ -40,7 +40,7 @@ func (dbobj dbcon) createRootXtoken(customRootXtoken string) (string, error) { } } bdoc := bson.M{} - bdoc["xtoken"] = utils.HashString(dbobj.hash, rootToken) + bdoc["xtoken"] = utils.HashString(dbobj.salt, rootToken) bdoc["type"] = "root" bdoc["token"] = "" _, err = dbobj.store.CreateRecord(storage.TblName.Xtokens, &bdoc) @@ -60,7 +60,7 @@ func (dbobj dbcon) genUserLoginXtoken(userTOKEN string) (string, string, error) if err != nil { return "", "", err } - hashedToken := utils.HashString(dbobj.hash, tokenUUID) + hashedToken := utils.HashString(dbobj.salt, tokenUUID) // by default login token for 30 minutes only expired := int32(time.Now().Unix()) + 10*60 bdoc := bson.M{} @@ -77,7 +77,7 @@ func (dbobj dbcon) checkUserAuthXToken(xtokenUUID string) (tokenAuthResult, erro if xtokenUUID != "DEMO" && utils.CheckValidUUID(xtokenUUID) == false { return result, errors.New("failed to authenticate") } - xtokenHashed := utils.HashString(dbobj.hash, xtokenUUID) + xtokenHashed := utils.HashString(dbobj.salt, xtokenUUID) if len(rootXTOKEN) > 0 && rootXTOKEN == xtokenHashed { //log.Println("It is a root token") result.ttype = "root"