From 4d857daf5d43b57d226a9634da254ed88b133843 Mon Sep 17 00:00:00 2001
From: Lukas Bachschwell
Date: Mon, 12 Nov 2018 11:42:39 +0100
Subject: [PATCH] Bugfix: ensure that hmacsecret exists
---
 main.go | 2 +-
 services/tokenTools/tokenTools.go | 16 ++++++++++++++++
 2 files changed, 17 insertions(+), 1 deletion(-)
diff --git a/main.go b/main.go
index f6809b4..e940a63 100644
--- a/main.go
+++ b/main.go
@@ -3,7 +3,7 @@ package main
 import (
 _ "multitenantStack/routers"
 companydb "multitenantStack/services/companydb"
- tokenTools "multitenantStack/services/tokenTools"
+ "multitenantStack/services/tokenTools"
 "time"
 "github.com/astaxie/beego"
diff --git a/services/tokenTools/tokenTools.go b/services/tokenTools/tokenTools.go
index e883f6e..ae60e14 100644
--- a/services/tokenTools/tokenTools.go
+++ b/services/tokenTools/tokenTools.go
@@ -5,6 +5,7 @@ import (
 "fmt"
 jwt "github.com/dgrijalva/jwt-go"
+ "golang.org/x/crypto/bcrypt"
 )
 var hmacSecret []byte
@@ -26,6 +27,10 @@ func InitTokenToolsService() {
 // Validate a jwt tokenstring
 func Validate(Token string) (bool, jwt.Token) {
+ if len(hmacSecret) < 32 {
+ panic("No Secret initialized")
+ }
+
 token, err := jwt.Parse(Token, func(token *jwt.Token) (interface{}, error) {
 if _, ok := token.Method.(*jwt.SigningMethodHMAC); !ok {
 return nil, fmt.Errorf("Unexpected signing method: %v", token.Header["alg"])
@@ -60,3 +65,14 @@ func CreateToken(Claims jwt.MapClaims) string {
 return tokenString
 }
+
+func HashPassword(password string) (string, error) {
+ bytes, err := bcrypt.GenerateFromPassword([]byte(password), 14)
+ return string(bytes), err
+}
+
+func CheckPasswordHash(password, hash string) bool {
+ // Interestingly this function costs around 800ms
+ err := bcrypt.CompareHashAndPassword([]byte(hash), []byte(password))
+ return err == nil
+}
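Review bot: The new guard at the top of `Validate` panics on the token-verification path, so a missing or short secret shows up as a panic while a token is being checked (presumably during request handling) instead of as a startup failure. Checking the length once in `InitTokenToolsService` and letting `Validate` return its normal failure result would keep a misconfiguration from disrupting request handling. The message should also cover the short-key case, e.g. `panic("hmacSecret missing or shorter than 32 bytes")`. `CreateToken` appears to sign with the same secret and its body is outside this diff, so confirm it has an equivalent check, because tokens signed with an empty key offer no integrity protection. `Validate`'s body continues past the hunk.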
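Review bot: `HashPassword` hard-codes bcrypt cost 14, which by the comment in `CheckPasswordHash` makes each comparison cost about 800ms of CPU. The work factor is fine, but it should be a named constant with the reasoning attached, e.g. `const passwordHashCost = 14 // ~800ms per compare; callers must rate-limit login attempts`, because an unthrottled login endpoint would let unauthenticated requests consume that CPU time. bcrypt only uses the first 72 bytes of the password, and depending on the x/crypto version a longer input is either truncated silently or rejected, so an explicit length check before hashing makes the behaviour predictable. Both exported functions also lack doc comments, and `CheckPasswordHash` reports a malformed stored hash the same way as a wrong password, which hides data corruption from the caller.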