[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[taler-taldir] branch master updated: Add comments and minor fixes
From: |
gnunet |
Subject: |
[taler-taldir] branch master updated: Add comments and minor fixes |
Date: |
Tue, 19 Apr 2022 15:03:55 +0200 |
This is an automated email from the git hooks/post-receive script.
martin-schanzenbach pushed a commit to branch master
in repository taldir.
The following commit(s) were added to refs/heads/master by this push:
new 2dc276e Add comments and minor fixes
2dc276e is described below
commit 2dc276e4114538d41399da9105cc60f30db56de6
Author: Martin Schanzenbach <mschanzenbach@posteo.de>
AuthorDate: Tue Apr 19 15:03:47 2022 +0200
Add comments and minor fixes
---
taldir.go | 26 +++++++++++++++++++-------
1 file changed, 19 insertions(+), 7 deletions(-)
diff --git a/taldir.go b/taldir.go
index 45d52fa..8e2520f 100644
--- a/taldir.go
+++ b/taldir.go
@@ -77,6 +77,9 @@ func sendEmail(recipient string, ref Validation) {
fmt.Println("Email Sent Successfully!")
}
+// Primary lookup function.
+// Allows the caller to query a wallet key using the hash(!) of the
+// identity, e.g. sha256(<email address>)
func returnSingleEntry(w http.ResponseWriter, r *http.Request){
vars := mux.Vars(r)
var entry Entry
@@ -90,16 +93,19 @@ func returnSingleEntry(w http.ResponseWriter, r
*http.Request){
w.WriteHeader(http.StatusNotFound)
}
+// Hashes an identity key (e.g. sha256(<email address>)) with a salt for
+// Lookup and storage.
func hashIdentityKey(idkey string) string {
salt := make([]byte, len(config.Salt))
return base32.StdEncoding.EncodeToString(argon2.IDKey([]byte(idkey), salt,
1, 64*1024, 4, 32))
}
+// Called by the registrant to validate the registration request. The
reference ID was
+// provided "out of band" using a validation method such as email or SMS
func validateSingleEntry(w http.ResponseWriter, r *http.Request){
vars := mux.Vars(r)
var entry Entry
var validation Validation
- //TODO actually validate
var err = db.First(&validation, "validation_reference = ?",
vars["reference"]).Error
if err != nil {
w.WriteHeader(http.StatusNotFound)
@@ -127,6 +133,8 @@ func validateSingleEntry(w http.ResponseWriter, r
*http.Request){
w.WriteHeader(http.StatusCreated)
}
+
+// Generates random reference token used in the validation flow.
func generateToken() string {
randBytes := make([]byte, 32)
_, err := rand.Read(randBytes)
@@ -136,6 +144,7 @@ func generateToken() string {
return base32.StdEncoding.EncodeToString(randBytes)
}
+// Initiate a registration request for an identity
func addPendingValidation(w http.ResponseWriter, r *http.Request){
vars := mux.Vars(r)
var validation Validation
@@ -154,17 +163,20 @@ func addPendingValidation(w http.ResponseWriter, r
*http.Request){
http.Error(w, "Identity key type not supported.", 400)
return
}
- // TODO make sure sha256(vars["identity"]) == validation.IdentityKey
+ // TODO make sure sha256(vars["identity"]) == validation.IdentityKey or
simply set it?
h := sha256.New()
h.Write([]byte(vars["identity"]))
identityKey := base32.StdEncoding.EncodeToString(h.Sum(nil))
- if (identityKey != validation.IdentityKey) {
- fmt.Printf("Identity key hash %s does not match identity %s\n",
identityKey, validation.IdentityKey)
- w.WriteHeader(http.StatusBadRequest)
- return
+ if "" != validation.IdentityKey {
+ if (identityKey != validation.IdentityKey) {
+ fmt.Printf("Identity key hash %s does not match identity %s\n",
identityKey, validation.IdentityKey)
+ w.WriteHeader(http.StatusBadRequest)
+ return
+ }
+ } else {
+ validation.IdentityKey = identityKey
}
validation.ValidationReference = generateToken()
- fmt.Println("Got ID key:", validation.IdentityKey)
err = db.First(&validation, "identity_key = ?", validation.IdentityKey).Error
if err == nil {
w.WriteHeader(http.StatusConflict)
--
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [taler-taldir] branch master updated: Add comments and minor fixes,
gnunet <=