38 lines
634 B
Go
38 lines
634 B
Go
package main
|
|
|
|
import (
|
|
// Standard
|
|
"database/sql"
|
|
)
|
|
|
|
func (session Session) UpdatePassword(currPass, newPass string) (ok bool, err error) {
|
|
var result sql.Result
|
|
var rowsAffected int64
|
|
|
|
result, err = db.Exec(`
|
|
UPDATE public.user
|
|
SET
|
|
password = password_hash(
|
|
/* salt in hex */
|
|
ENCODE(gen_random_bytes(16), 'hex'),
|
|
|
|
/* password */
|
|
$1::bytea
|
|
)
|
|
WHERE
|
|
id = $2 AND
|
|
password=password_hash(SUBSTRING(password FROM 1 FOR 32), $3::bytea)
|
|
RETURNING id
|
|
`,
|
|
newPass,
|
|
session.UserID,
|
|
currPass,
|
|
)
|
|
|
|
if rowsAffected, err = result.RowsAffected(); err != nil {
|
|
return
|
|
}
|
|
|
|
return rowsAffected > 0, nil
|
|
}
|