point to the correct ./devtools/admin_numbers directory

added tests for HashPIN and VerifyPIN
updated expected age in test
2025-01-02 16:01:19 +03:00 · 2025-01-02 15:22:07 +03:00 · 2025-01-02 15:15:52 +03:00 · 2025-01-02 14:38:22 +03:00 · 2025-01-02 14:37:45 +03:00 · 2025-01-02 13:51:57 +03:00
10 changed files with 240 additions and 91 deletions
--- a/common/pin.go
+++ b/common/pin.go
@@ -0,0 +1,33 @@
 package common
 import (
 	"regexp"
 	"golang.org/x/crypto/bcrypt"
 )
 // Define the regex pattern as a constant
 const (
 	pinPattern = `^\d{4}$`
 )
 // checks whether the given input is a 4 digit number
 func IsValidPIN(pin string) bool {
 	match, _ := regexp.MatchString(pinPattern, pin)
 	return match
 }
 // HashPIN uses bcrypt with 8 salt rounds to hash the PIN
 func HashPIN(pin string) (string, error) {
 	hash, err := bcrypt.GenerateFromPassword([]byte(pin), 8)
 	if err != nil {
 		return "", err
 	}
 	return string(hash), nil
 }
 // VerifyPIN compareS the hashed PIN with the plaintext PIN
 func VerifyPIN(hashedPIN, pin string) bool {
 	err := bcrypt.CompareHashAndPassword([]byte(hashedPIN), []byte(pin))
 	return err == nil
 }
--- a/common/pin_test.go
+++ b/common/pin_test.go
@@ -0,0 +1,152 @@
 package common
 import (
 	"testing"
 	"golang.org/x/crypto/bcrypt"
 )
 func TestIsValidPIN(t *testing.T) {
 	tests := []struct {
 		name     string
 		pin      string
 		expected bool
 	}{
 		{
 			name:     "Valid PIN with 4 digits",
 			pin:      "1234",
 			expected: true,
 		},
 		{
 			name:     "Valid PIN with leading zeros",
 			pin:      "0001",
 			expected: true,
 		},
 		{
 			name:     "Invalid PIN with less than 4 digits",
 			pin:      "123",
 			expected: false,
 		},
 		{
 			name:     "Invalid PIN with more than 4 digits",
 			pin:      "12345",
 			expected: false,
 		},
 		{
 			name:     "Invalid PIN with letters",
 			pin:      "abcd",
 			expected: false,
 		},
 		{
 			name:     "Invalid PIN with special characters",
 			pin:      "12@#",
 			expected: false,
 		},
 		{
 			name:     "Empty PIN",
 			pin:      "",
 			expected: false,
 		},
 	}
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
 			actual := IsValidPIN(tt.pin)
 			if actual != tt.expected {
 				t.Errorf("IsValidPIN(%q) = %v; expected %v", tt.pin, actual, tt.expected)
 			}
 		})
 	}
 }
 func TestHashPIN(t *testing.T) {
 	tests := []struct {
 		name string
 		pin  string
 	}{
 		{
 			name: "Valid PIN with 4 digits",
 			pin:  "1234",
 		},
 		{
 			name: "Valid PIN with leading zeros",
 			pin:  "0001",
 		},
 		{
 			name: "Empty PIN",
 			pin:  "",
 		},
 	}
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
 			hashedPIN, err := HashPIN(tt.pin)
 			if err != nil {
 				t.Errorf("HashPIN(%q) returned an error: %v", tt.pin, err)
 				return
 			}
 			if hashedPIN == "" {
 				t.Errorf("HashPIN(%q) returned an empty hash", tt.pin)
 			}
 			// Ensure the hash can be verified with bcrypt
 			err = bcrypt.CompareHashAndPassword([]byte(hashedPIN), []byte(tt.pin))
 			if tt.pin != "" && err != nil {
 				t.Errorf("HashPIN(%q) produced a hash that does not match: %v", tt.pin, err)
 			}
 		})
 	}
 }
 func TestVerifyPIN(t *testing.T) {
 	tests := []struct {
 		name       string
 		pin        string
 		hashedPIN  string
 		shouldPass bool
 	}{
 		{
 			name:       "Valid PIN verification",
 			pin:        "1234",
 			hashedPIN:  hashPINHelper("1234"),
 			shouldPass: true,
 		},
 		{
 			name:       "Invalid PIN verification with incorrect PIN",
 			pin:        "5678",
 			hashedPIN:  hashPINHelper("1234"),
 			shouldPass: false,
 		},
 		{
 			name:       "Invalid PIN verification with empty PIN",
 			pin:        "",
 			hashedPIN:  hashPINHelper("1234"),
 			shouldPass: false,
 		},
 		{
 			name:       "Invalid PIN verification with invalid hash",
 			pin:        "1234",
 			hashedPIN:  "invalidhash",
 			shouldPass: false,
 		},
 	}
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
 			result := VerifyPIN(tt.hashedPIN, tt.pin)
 			if result != tt.shouldPass {
 				t.Errorf("VerifyPIN(%q, %q) = %v; expected %v", tt.hashedPIN, tt.pin, result, tt.shouldPass)
 			}
 		})
 	}
 }
 // Helper function to hash a PIN for testing purposes
 func hashPINHelper(pin string) string {
 	hashedPIN, err := HashPIN(pin)
 	if err != nil {
 		panic("Failed to hash PIN for test setup: " + err.Error())
 	}
 	return hashedPIN
 }
--- a/debug/db_debug.go
+++ b/debug/db_debug.go
@@ -11,13 +11,9 @@ import (
 func init() {
 	DebugCap |= 1
 	dbTypStr[db.DATATYPE_STATE] = "internal state"
 	dbTypStr[db.DATATYPE_USERDATA + 1 + common.DATA_ACCOUNT] = "account"
 	dbTypStr[db.DATATYPE_USERDATA + 1 + common.DATA_ACCOUNT_CREATED] = "account created"
 	dbTypStr[db.DATATYPE_USERDATA + 1 + common.DATA_TRACKING_ID] = "tracking id"
 	dbTypStr[db.DATATYPE_USERDATA + 1 + common.DATA_PUBLIC_KEY] = "public key"
 	dbTypStr[db.DATATYPE_USERDATA + 1 + common.DATA_CUSTODIAL_ID] = "custodial id"
 	dbTypStr[db.DATATYPE_USERDATA + 1 + common.DATA_ACCOUNT_PIN] = "account pin"
 	dbTypStr[db.DATATYPE_USERDATA + 1 + common.DATA_ACCOUNT_STATUS] = "account status"
 	dbTypStr[db.DATATYPE_USERDATA + 1 + common.DATA_FIRST_NAME] = "first name"
 	dbTypStr[db.DATATYPE_USERDATA + 1 + common.DATA_FAMILY_NAME] = "family name"
 	dbTypStr[db.DATATYPE_USERDATA + 1 + common.DATA_YOB] = "year of birth"
--- a/devtools/store/main.go
+++ b/devtools/store/main.go
@@ -11,6 +11,7 @@ import (
 	"git.grassecon.net/urdt/ussd/initializers"
 	"git.grassecon.net/urdt/ussd/internal/storage"
 	"git.grassecon.net/urdt/ussd/debug"
 	"git.defalsify.org/vise.git/db"
 	"git.defalsify.org/vise.git/logging"
 )
@@ -47,13 +48,14 @@ func main() {
 	store, err := menuStorageService.GetUserdataDb(ctx)
 	if err != nil {
-		fmt.Fprintf(os.Stderr, err.Error())
+		fmt.Fprintf(os.Stderr, "get userdata db: %v\n", err.Error())
 		os.Exit(1)
 	}
 	store.SetPrefix(db.DATATYPE_USERDATA)
 	d, err := store.Dump(ctx, []byte(sessionId))
 	if err != nil {
-		fmt.Fprintf(os.Stderr, err.Error())
+		fmt.Fprintf(os.Stderr, "store dump fail: %v\n", err.Error())
 		os.Exit(1)
 	}
@@ -67,7 +69,7 @@ func main() {
 			fmt.Fprintf(os.Stderr, err.Error())
 			os.Exit(1)
 		}
-		fmt.Printf("%vValue: %v\n\n", o, v)
+		fmt.Printf("%vValue: %v\n\n", o, string(v))
 	}
 	err = store.Close()
--- a/go.mod
+++ b/go.mod
@@ -3,7 +3,7 @@ module git.grassecon.net/urdt/ussd
 go 1.23.0
 require (
-	git.defalsify.org/vise.git v0.2.1-0.20241212145627-683015d4df80
+	git.defalsify.org/vise.git v0.2.3-0.20241231085136-8582c7e157d9
 	github.com/alecthomas/assert/v2 v2.2.2
 	github.com/gofrs/uuid v4.4.0+incompatible
 	github.com/grassrootseconomics/eth-custodial v1.3.0-beta
--- a/go.sum
+++ b/go.sum
@@ -1,5 +1,5 @@
-git.defalsify.org/vise.git v0.2.1-0.20241212145627-683015d4df80 h1:GYUVXRUtMpA40T4COeAduoay6CIgXjD5cfDYZOTFIKw=
+git.defalsify.org/vise.git v0.2.3-0.20241231085136-8582c7e157d9 h1:O3m+NgWDWtJm8OculT99c4bDMAO4xLe2c8hpCKpsd9g=
-git.defalsify.org/vise.git v0.2.1-0.20241212145627-683015d4df80/go.mod h1:jyBMe1qTYUz3mmuoC9JQ/TvFeW0vTanCUcPu3H8p4Ck=
+git.defalsify.org/vise.git v0.2.3-0.20241231085136-8582c7e157d9/go.mod h1:jyBMe1qTYUz3mmuoC9JQ/TvFeW0vTanCUcPu3H8p4Ck=
 github.com/alecthomas/assert/v2 v2.2.2 h1:Z/iVC0xZfWTaFNE6bA3z07T86hd45Xe2eLt6WVy2bbk=
 github.com/alecthomas/assert/v2 v2.2.2/go.mod h1:pXcQ2Asjp247dahGEmsZ6ru0UVwnkhktn7S0bBDLxvQ=
 github.com/alecthomas/participle/v2 v2.0.0 h1:Fgrq+MbuSsJwIkw3fEj9h75vDP0Er5JzepJ0/HNHv0g=
--- a/internal/handlers/handlerservice.go
+++ b/internal/handlers/handlerservice.go
@@ -43,7 +43,7 @@ func NewLocalHandlerService(ctx context.Context, fp string, debug bool, dbResour
 	if err != nil {
 		return nil, err
 	}
-	adminstore, err := utils.NewAdminStore(ctx, "admin_numbers")
+	adminstore, err := utils.NewAdminStore(ctx, "./devtools/admin_numbers")
 	if err != nil {
 		return nil, err
 	}
--- a/internal/handlers/ussd/menuhandler.go
+++ b/internal/handlers/ussd/menuhandler.go
@@ -5,7 +5,6 @@ import (
 	"context"
 	"fmt"
 	"path"
 	"regexp"
 	"strconv"
 	"strings"
@@ -34,17 +33,6 @@ var (
 	translationDir = path.Join(scriptDir, "locale")
 )
 // Define the regex patterns as constants
 const (
 	pinPattern = `^\d{4}$`
 )
 // checks whether the given input is a 4 digit number
 func isValidPIN(pin string) bool {
 	match, _ := regexp.MatchString(pinPattern, pin)
 	return match
 }
 // FlagManager handles centralized flag management
 type FlagManager struct {
 	parser *asm.FlagParser
@@ -281,7 +269,7 @@ func (h *Handlers) VerifyNewPin(ctx context.Context, sym string, input []byte) (
 	flag_valid_pin, _ := h.flagManager.GetFlag("flag_valid_pin")
 	pinInput := string(input)
 	// Validate that the PIN is a 4-digit number.
-	if isValidPIN(pinInput) {
+	if common.IsValidPIN(pinInput) {
 		res.FlagSet = append(res.FlagSet, flag_valid_pin)
 	} else {
 		res.FlagReset = append(res.FlagReset, flag_valid_pin)
@@ -306,7 +294,7 @@ func (h *Handlers) SaveTemporaryPin(ctx context.Context, sym string, input []byt
 	accountPIN := string(input)
 	// Validate that the PIN is a 4-digit number.
-	if !isValidPIN(accountPIN) {
+	if !common.IsValidPIN(accountPIN) {
 		res.FlagSet = append(res.FlagSet, flag_incorrect_pin)
 		return res, nil
 	}
@@ -368,11 +356,20 @@ func (h *Handlers) ConfirmPinChange(ctx context.Context, sym string, input []byt
 		res.FlagReset = append(res.FlagReset, flag_pin_mismatch)
 	} else {
 		res.FlagSet = append(res.FlagSet, flag_pin_mismatch)
 		return res, nil
 	}
-	// If matched, save the confirmed PIN as the new account PIN
+
-	err = store.WriteEntry(ctx, sessionId, common.DATA_ACCOUNT_PIN, []byte(temporaryPin))
+	// Hash the PIN
 	hashedPIN, err := common.HashPIN(string(temporaryPin))
 	if err != nil {
-		logg.ErrorCtxf(ctx, "failed to write temporaryPin entry with", "key", common.DATA_ACCOUNT_PIN, "value", temporaryPin, "error", err)
+		logg.ErrorCtxf(ctx, "failed to hash temporaryPin", "error", err)
 		return res, err
 	}
 	// save the hashed PIN as the new account PIN
 	err = store.WriteEntry(ctx, sessionId, common.DATA_ACCOUNT_PIN, []byte(hashedPIN))
 	if err != nil {
 		logg.ErrorCtxf(ctx, "failed to write DATA_ACCOUNT_PIN entry with", "key", common.DATA_ACCOUNT_PIN, "hashedPIN value", hashedPIN, "error", err)
 		return res, err
 	}
 	return res, nil
@@ -404,11 +401,19 @@ func (h *Handlers) VerifyCreatePin(ctx context.Context, sym string, input []byte
 		res.FlagSet = append(res.FlagSet, flag_pin_set)
 	} else {
 		res.FlagSet = []uint32{flag_pin_mismatch}
 		return res, nil
 	}
-	err = store.WriteEntry(ctx, sessionId, common.DATA_ACCOUNT_PIN, []byte(temporaryPin))
+	// Hash the PIN
 	hashedPIN, err := common.HashPIN(string(temporaryPin))
 	if err != nil {
-		logg.ErrorCtxf(ctx, "failed to write temporaryPin entry with", "key", common.DATA_ACCOUNT_PIN, "value", temporaryPin, "error", err)
+		logg.ErrorCtxf(ctx, "failed to hash temporaryPin", "error", err)
 		return res, err
 	}
 	err = store.WriteEntry(ctx, sessionId, common.DATA_ACCOUNT_PIN, []byte(hashedPIN))
 	if err != nil {
 		logg.ErrorCtxf(ctx, "failed to write DATA_ACCOUNT_PIN entry with", "key", common.DATA_ACCOUNT_PIN, "value", hashedPIN, "error", err)
 		return res, err
 	}
@@ -722,7 +727,7 @@ func (h *Handlers) Authorize(ctx context.Context, sym string, input []byte) (res
 		return res, err
 	}
 	if len(input) == 4 {
-		if bytes.Equal(input, AccountPin) {
+		if common.VerifyPIN(string(AccountPin), string(input)) {
 			if h.st.MatchFlag(flag_account_authorized, false) {
 				res.FlagReset = append(res.FlagReset, flag_incorrect_pin)
 				res.FlagSet = append(res.FlagSet, flag_allow_update, flag_account_authorized)
@@ -949,7 +954,15 @@ func (h *Handlers) ResetOthersPin(ctx context.Context, sym string, input []byte)
 		logg.ErrorCtxf(ctx, "failed to read temporaryPin entry with", "key", common.DATA_TEMPORARY_VALUE, "error", err)
 		return res, err
 	}
-	err = store.WriteEntry(ctx, string(blockedPhonenumber), common.DATA_ACCOUNT_PIN, []byte(temporaryPin))
+
 	// Hash the PIN
 	hashedPIN, err := common.HashPIN(string(temporaryPin))
 	if err != nil {
 		logg.ErrorCtxf(ctx, "failed to hash temporaryPin", "error", err)
 		return res, err
 	}
 	err = store.WriteEntry(ctx, string(blockedPhonenumber), common.DATA_ACCOUNT_PIN, []byte(hashedPIN))
 	if err != nil {
 		return res, nil
 	}
@@ -1400,7 +1413,6 @@ func (h *Handlers) GetCurrentProfileInfo(ctx context.Context, sym string, input
 		defaultValue = "Not Provided"
 	}
 	sm, _ := h.st.Where()
 	parts := strings.SplitN(sm, "_", 2)
 	filename := parts[1]
--- a/internal/handlers/ussd/menuhandler_test.go
+++ b/internal/handlers/ussd/menuhandler_test.go
@@ -1047,7 +1047,14 @@ func TestAuthorize(t *testing.T) {
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
-			err = store.WriteEntry(ctx, sessionId, common.DATA_ACCOUNT_PIN, []byte(accountPIN))
+			// Hash the PIN
 			hashedPIN, err := common.HashPIN(accountPIN)
 			if err != nil {
 				logg.ErrorCtxf(ctx, "failed to hash temporaryPin", "error", err)
 				t.Fatal(err)
 			}
 			err = store.WriteEntry(ctx, sessionId, common.DATA_ACCOUNT_PIN, []byte(hashedPIN))
 			if err != nil {
 				t.Fatal(err)
 			}
@@ -1499,59 +1506,6 @@ func TestQuit(t *testing.T) {
 	}
 }
 func TestIsValidPIN(t *testing.T) {
 	tests := []struct {
 		name     string
 		pin      string
 		expected bool
 	}{
 		{
 			name:     "Valid PIN with 4 digits",
 			pin:      "1234",
 			expected: true,
 		},
 		{
 			name:     "Valid PIN with leading zeros",
 			pin:      "0001",
 			expected: true,
 		},
 		{
 			name:     "Invalid PIN with less than 4 digits",
 			pin:      "123",
 			expected: false,
 		},
 		{
 			name:     "Invalid PIN with more than 4 digits",
 			pin:      "12345",
 			expected: false,
 		},
 		{
 			name:     "Invalid PIN with letters",
 			pin:      "abcd",
 			expected: false,
 		},
 		{
 			name:     "Invalid PIN with special characters",
 			pin:      "12@#",
 			expected: false,
 		},
 		{
 			name:     "Empty PIN",
 			pin:      "",
 			expected: false,
 		},
 	}
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
 			actual := isValidPIN(tt.pin)
 			if actual != tt.expected {
 				t.Errorf("isValidPIN(%q) = %v; expected %v", tt.pin, actual, tt.expected)
 			}
 		})
 	}
 }
 func TestValidateAmount(t *testing.T) {
 	fm, err := NewFlagManager(flagsPath)
 	if err != nil {
@@ -1798,7 +1752,7 @@ func TestGetProfile(t *testing.T) {
 			result: resource.Result{
 				Content: fmt.Sprintf(
 					"Name: %s\nGender: %s\nAge: %s\nLocation: %s\nYou provide: %s\n",
-					"John Doee", "Male", "48", "Kilifi", "Bananas",
+					"John Doee", "Male", "49", "Kilifi", "Bananas",
 				),
 			},
 		},
@@ -1810,7 +1764,7 @@ func TestGetProfile(t *testing.T) {
 			result: resource.Result{
 				Content: fmt.Sprintf(
 					"Jina: %s\nJinsia: %s\nUmri: %s\nEneo: %s\nUnauza: %s\n",
-					"John Doee", "Male", "48", "Kilifi", "Bananas",
+					"John Doee", "Male", "49", "Kilifi", "Bananas",
 				),
 			},
 		},
@@ -1822,7 +1776,7 @@ func TestGetProfile(t *testing.T) {
 			result: resource.Result{
 				Content: fmt.Sprintf(
 					"Name: %s\nGender: %s\nAge: %s\nLocation: %s\nYou provide: %s\n",
-					"John Doee", "Male", "48", "Kilifi", "Bananas",
+					"John Doee", "Male", "49", "Kilifi", "Bananas",
 				),
 			},
 		},
--- a/menutraversal_test/group_test.json
+++ b/menutraversal_test/group_test.json
@@ -430,7 +430,7 @@
                },
                {
                    "input": "1234",
-                    "expectedContent": "My profile:\nName: foo bar\nGender: male\nAge: 79\nLocation: Kilifi\nYou provide: Bananas\n\n0:Back"
+                    "expectedContent": "My profile:\nName: foo bar\nGender: male\nAge: 80\nLocation: Kilifi\nYou provide: Bananas\n\n0:Back"
                },
                {
                    "input": "0",
Author	SHA1	Message	Date
alfred-mk	491b7424a9	point to the correct ./devtools/admin_numbers directory	2025-01-02 16:01:19 +03:00
alfred-mk	29ce4b83bd	added tests for HashPIN and VerifyPIN	2025-01-02 15:22:07 +03:00
alfred-mk	ca8df5989a	updated expected age in test	2025-01-02 15:15:52 +03:00
alfred-mk	82b4365d16	hash the PIN in TestAuthorize	2025-01-02 14:38:22 +03:00
alfred-mk	98db85511b	hash the PIN in the ResetOthersPin function	2025-01-02 14:37:45 +03:00
alfred-mk	99a4d3ff42	verify the PIN input against the hashed PIN	2025-01-02 13:51:57 +03:00
alfred-mk	d95c7abea4	return if the PIN is not a match, and hash the PIN before saving it	2025-01-02 13:45:18 +03:00
alfred-mk	fd1ac85a1b	add code to Hash and Verify the PIN	2025-01-02 13:43:38 +03:00
alfred-mk	c899c098f6	updated the expected age	2025-01-02 13:20:01 +03:00
alfred-mk	5ca6a74274	move PIN test to the common package	2025-01-02 13:18:49 +03:00
alfred-mk	48d63fb43f	added pin.go to contain all PIN related functionality	2025-01-02 13:16:38 +03:00
lash	ed1aeecf7d	Merge pull request 'Legible dumper' (#232 ) from lash/dump-key-prefix into master Some checks failed release / docker (push) Has been cancelled Details Reviewed-on: urdt/ussd#232	2024-12-31 09:56:04 +01:00
lash	3b69f3d38d	Merge branch 'master' into lash/dump-key-prefix	2024-12-31 09:55:40 +01:00
lash	cd58f5ae33	Upgrade govise	2024-12-31 08:55:25 +00:00
alfred-mk	7a535f796a	output the value as a string	2024-12-31 11:41:04 +03:00
lash	7c4c73125e	Merge pull request 'force-restart-state' (#223 ) from force-restart-state into master Reviewed-on: urdt/ussd#223	2024-12-31 09:34:44 +01:00
lash	c7dbe1d88f	Remove obsolete subprefix strings	2024-12-31 08:30:08 +00:00
lash	3bcd48e5a7	Update govise	2024-12-30 19:58:34 +00:00
lash	0e12c0ee4e	Add prefix for dumper, format base dump key for pg	2024-12-30 19:35:45 +00:00