// Copyright 2022 The Gogs Authors. All rights reserved. // Use of this source code is governed by a MIT-style // license that can be found in the LICENSE file. package userutil import ( "bytes" "crypto/sha256" "crypto/subtle" "encoding/hex" "fmt" "image" "image/png" "os" "path/filepath" "strconv" "strings" "github.com/nfnt/resize" "github.com/pkg/errors" "golang.org/x/crypto/pbkdf2" "gogs.io/gogs/internal/avatar" "gogs.io/gogs/internal/conf" "gogs.io/gogs/internal/strutil" "gogs.io/gogs/internal/tool" ) // DashboardURLPath returns the URL path to the user or organization dashboard. func DashboardURLPath(name string, isOrganization bool) string { if isOrganization { return conf.Server.Subpath + "/org/" + name + "/dashboard/" } return conf.Server.Subpath + "/" } // GenerateActivateCode generates an activate code based on user information and // the given email. func GenerateActivateCode(userID int64, email, name, password, rands string) string { code := tool.CreateTimeLimitCode( fmt.Sprintf("%d%s%s%s%s", userID, email, strings.ToLower(name), password, rands), conf.Auth.ActivateCodeLives, nil, ) // Add tailing hex username code += hex.EncodeToString([]byte(strings.ToLower(name))) return code } // CustomAvatarPath returns the absolute path of the user custom avatar file. func CustomAvatarPath(userID int64) string { return filepath.Join(conf.Picture.AvatarUploadPath, strconv.FormatInt(userID, 10)) } // GenerateRandomAvatar generates a random avatar and stores to local file // system using given user information. func GenerateRandomAvatar(userID int64, name, email string) error { seed := email if seed == "" { seed = name } img, err := avatar.RandomImage([]byte(seed)) if err != nil { return errors.Wrap(err, "generate random image") } avatarPath := CustomAvatarPath(userID) err = os.MkdirAll(filepath.Dir(avatarPath), os.ModePerm) if err != nil { return errors.Wrap(err, "create avatar directory") } f, err := os.Create(avatarPath) if err != nil { return errors.Wrap(err, "create avatar file") } defer func() { _ = f.Close() }() if err = png.Encode(f, img); err != nil { return errors.Wrap(err, "encode avatar image to file") } return nil } // SaveAvatar saves the given avatar for the user. func SaveAvatar(userID int64, data []byte) error { img, _, err := image.Decode(bytes.NewReader(data)) if err != nil { return errors.Wrap(err, "decode image") } avatarPath := CustomAvatarPath(userID) err = os.MkdirAll(filepath.Dir(avatarPath), os.ModePerm) if err != nil { return errors.Wrap(err, "create avatar directory") } f, err := os.Create(avatarPath) if err != nil { return errors.Wrap(err, "create avatar file") } defer func() { _ = f.Close() }() m := resize.Resize(avatar.DefaultSize, avatar.DefaultSize, img, resize.NearestNeighbor) if err = png.Encode(f, m); err != nil { return errors.Wrap(err, "encode avatar image to file") } return nil } // EncodePassword encodes password using PBKDF2 SHA256 with given salt. func EncodePassword(password, salt string) string { newPasswd := pbkdf2.Key([]byte(password), []byte(salt), 10000, 50, sha256.New) return fmt.Sprintf("%x", newPasswd) } // ValidatePassword returns true if the given password matches the encoded // version with given salt. func ValidatePassword(encoded, salt, password string) bool { got := EncodePassword(password, salt) return subtle.ConstantTimeCompare([]byte(encoded), []byte(got)) == 1 } // MailResendCacheKey returns the key used for caching mail resend. func MailResendCacheKey(userID int64) string { return fmt.Sprintf("mailResend::%d", userID) } // TwoFactorCacheKey returns the key used for caching two factor passcode. func TwoFactorCacheKey(userID int64, passcode string) string { return fmt.Sprintf("twoFactor::%d::%s", userID, passcode) } // RandomSalt returns randomly generated 10-character string that can be used as // the user salt. func RandomSalt() (string, error) { return strutil.RandomChars(10) }