urdt/ussd
5
0
Fork 1
Code Issues 41 Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: urdt:d95c7abea46dd84049262571ab9481922e089c33
Branches Tags
urdt:master
urdt:phone-ussd
urdt:lash/stalecache
urdt:lash/purify-max
urdt:postgres-switch-for-tests
urdt:copy-language-code
urdt:lash/purify-more
urdt:account-pin-block-v2
urdt:lash/helpcomma
urdt:send-input-fix
urdt:lash/gettext
urdt:lash/dump-format
urdt:account-pin-block
urdt:lash/ssh-fixes
urdt:lash/ssh-4
urdt:log-session-id-at-sessionid
urdt:lash/purify
urdt:logs-at-sessionid
urdt:language-change-fix
urdt:hash-pin
urdt:menu-primary-selectors
urdt:lash/dump-key-prefix
urdt:force-restart-state
urdt:restart-state-devtool
urdt:mixed-languages
urdt:add-space-after-colon
urdt:link-terms-and-conditions
urdt:lash/store-dumper
urdt:back-state-check
urdt:double-session-id
urdt:profile-edit-traverse
urdt:data-items-cleanup
urdt:minor-bug-fixes
urdt:lash/persister-freakout
urdt:trigger-balance-reload
urdt:lash/no-persister-deadlock
urdt:voucher-details
urdt:single-error-node
urdt:sohail/trace-build-29-11
urdt:alias-address-validation
urdt:sohail/upgrade-deps
urdt:account-statement
urdt:sohail/docker-build
urdt:menu-balances
urdt:send-node
urdt:profile-edit-show
urdt:terminal-logs
urdt:readme-documentation
urdt:africastalking-endpoint
urdt:http-logs
urdt:log-file
urdt:swahili-templates-menu
urdt:api-error-fix
urdt:lash/export-to-term
urdt:pre-mock-remove
urdt:remove-db-mocks
urdt:pin-reset
urdt:tests-refactor
urdt:consolidate-temp-data-storage
urdt:profile-update-pin-check
urdt:voucher-data
urdt:lash/reverse-session
urdt:address-sessionId
urdt:menu-voucherlist
urdt:api-context
urdt:api-structs
urdt:send-menu-update
urdt:check-balance-update
urdt:postgres-switch
urdt:menu-api-errors
urdt:menu-traversal-v2
urdt:psql-switch
urdt:menu-traversal-refactor
urdt:menu-traversals
urdt:lash/subprefix
urdt:tests-update
urdt:menu-profile-edit
urdt:fix-repeated-nodes
urdt:wip-menu-select-fix
urdt:lash/ssh
urdt:go-vise-0.2.0
urdt:wip-main-refactor
urdt:at-return-output
urdt:wip-unit-tests
urdt:wip-pin-guard
urdt:change-language
urdt:wip-menu-help
urdt:wip-pin-reset
urdt:lash/vise-make-var
urdt:lash/async-driver
urdt:menu-options
urdt:unit-tests
urdt:wip-code-check
urdt:lash/draft-dev-0.1.0
urdt:wip-go-vise-dev-0.1.0
urdt:wip-flag-migration
urdt:v0.8.0-beta.11
urdt:v0.8.0-beta.10
urdt:v0.8.0-beta.9
urdt:v0.8.0-beta.8
urdt:v0.8.0-beta.7
urdt:v0.8.0-beta.6
urdt:v0.8.0-beta.5
urdt:v0.8.0-beta.4
urdt:v0.8.0-beta.3
urdt:v0.8.0-beta.2
urdt:v0.8.0-beta
urdt:v0.7.0-beta
urdt:v0.6.0-beta
urdt:v0.5.0-beta
urdt:v0.4.0-beta
urdt:v0.3.0-beta
urdt:v0.2.0-beta
urdt:v0.1.2-beta
urdt:v0.1.1-beta
urdt:v0.1.0-beta
..
compare: urdt:c899c098f62994536f6952626c3feb7e5d041ab7
Branches Tags
urdt:phone-ussd
urdt:lash/stalecache
urdt:lash/purify-max
urdt:master
urdt:postgres-switch-for-tests
urdt:copy-language-code
urdt:lash/purify-more
urdt:account-pin-block-v2
urdt:lash/helpcomma
urdt:send-input-fix
urdt:lash/gettext
urdt:lash/dump-format
urdt:account-pin-block
urdt:lash/ssh-fixes
urdt:lash/ssh-4
urdt:log-session-id-at-sessionid
urdt:lash/purify
urdt:logs-at-sessionid
urdt:language-change-fix
urdt:hash-pin
urdt:menu-primary-selectors
urdt:lash/dump-key-prefix
urdt:force-restart-state
urdt:restart-state-devtool
urdt:mixed-languages
urdt:add-space-after-colon
urdt:link-terms-and-conditions
urdt:lash/store-dumper
urdt:back-state-check
urdt:double-session-id
urdt:profile-edit-traverse
urdt:data-items-cleanup
urdt:minor-bug-fixes
urdt:lash/persister-freakout
urdt:trigger-balance-reload
urdt:lash/no-persister-deadlock
urdt:voucher-details
urdt:single-error-node
urdt:sohail/trace-build-29-11
urdt:alias-address-validation
urdt:sohail/upgrade-deps
urdt:account-statement
urdt:sohail/docker-build
urdt:menu-balances
urdt:send-node
urdt:profile-edit-show
urdt:terminal-logs
urdt:readme-documentation
urdt:africastalking-endpoint
urdt:http-logs
urdt:log-file
urdt:swahili-templates-menu
urdt:api-error-fix
urdt:lash/export-to-term
urdt:pre-mock-remove
urdt:remove-db-mocks
urdt:pin-reset
urdt:tests-refactor
urdt:consolidate-temp-data-storage
urdt:profile-update-pin-check
urdt:voucher-data
urdt:lash/reverse-session
urdt:address-sessionId
urdt:menu-voucherlist
urdt:api-context
urdt:api-structs
urdt:send-menu-update
urdt:check-balance-update
urdt:postgres-switch
urdt:menu-api-errors
urdt:menu-traversal-v2
urdt:psql-switch
urdt:menu-traversal-refactor
urdt:menu-traversals
urdt:lash/subprefix
urdt:tests-update
urdt:menu-profile-edit
urdt:fix-repeated-nodes
urdt:wip-menu-select-fix
urdt:lash/ssh
urdt:go-vise-0.2.0
urdt:wip-main-refactor
urdt:at-return-output
urdt:wip-unit-tests
urdt:wip-pin-guard
urdt:change-language
urdt:wip-menu-help
urdt:wip-pin-reset
urdt:lash/vise-make-var
urdt:lash/async-driver
urdt:menu-options
urdt:unit-tests
urdt:wip-code-check
urdt:lash/draft-dev-0.1.0
urdt:wip-go-vise-dev-0.1.0
urdt:wip-flag-migration
urdt:v0.8.0-beta.11
urdt:v0.8.0-beta.10
urdt:v0.8.0-beta.9
urdt:v0.8.0-beta.8
urdt:v0.8.0-beta.7
urdt:v0.8.0-beta.6
urdt:v0.8.0-beta.5
urdt:v0.8.0-beta.4
urdt:v0.8.0-beta.3
urdt:v0.8.0-beta.2
urdt:v0.8.0-beta
urdt:v0.7.0-beta
urdt:v0.6.0-beta
urdt:v0.5.0-beta
urdt:v0.4.0-beta
urdt:v0.3.0-beta
urdt:v0.2.0-beta
urdt:v0.1.2-beta
urdt:v0.1.1-beta
urdt:v0.1.0-beta

No commits in common. "d95c7abea46dd84049262571ab9481922e089c33" and "c899c098f62994536f6952626c3feb7e5d041ab7" have entirely different histories.
d95c7abea4 ... c899c098f6

2 changed files with 6 additions and 40 deletions
Show Stats Expand all files Collapse all files

21
common/pin.go
View File

@ -1,10 +1,6 @@
package common
import (
"regexp"
"golang.org/x/crypto/bcrypt"
)
import "regexp"
// Define the regex pattern as a constant
const (
@ -16,18 +12,3 @@ func IsValidPIN(pin string) bool {
match, _ := regexp.MatchString(pinPattern, pin)
return match
}
// HashPIN uses bcrypt with 8 salt rounds to hash the PIN
func HashPIN(pin string) (string, error) {
hash, err := bcrypt.GenerateFromPassword([]byte(pin), 8)
if err != nil {
return "", err
}
return string(hash), nil
}
// VerifyPIN compareS the hashed PIN with the plaintext PIN
func VerifyPIN(hashedPIN, pin string) bool {
err := bcrypt.CompareHashAndPassword([]byte(hashedPIN), []byte(pin))
return err == nil
}

25
internal/handlers/ussd/menuhandler.go
View File

@ -356,19 +356,11 @@ func (h *Handlers) ConfirmPinChange(ctx context.Context, sym string, input []byt
res.FlagReset = append(res.FlagReset, flag_pin_mismatch)
} else {
res.FlagSet = append(res.FlagSet, flag_pin_mismatch)
return res, nil
}
// Hash the PIN
hashedPIN, err := common.HashPIN(string(temporaryPin))
// If matched, save the confirmed PIN as the new account PIN
err = store.WriteEntry(ctx, sessionId, common.DATA_ACCOUNT_PIN, []byte(temporaryPin))
if err != nil {
logg.ErrorCtxf(ctx, "failed to hash temporaryPin", "error", err)
}
// save the hashed PIN as the new account PIN
err = store.WriteEntry(ctx, sessionId, common.DATA_ACCOUNT_PIN, []byte(hashedPIN))
if err != nil {
logg.ErrorCtxf(ctx, "failed to write DATA_ACCOUNT_PIN entry with", "key", common.DATA_ACCOUNT_PIN, "hashedPIN value", hashedPIN, "error", err)
logg.ErrorCtxf(ctx, "failed to write temporaryPin entry with", "key", common.DATA_ACCOUNT_PIN, "value", temporaryPin, "error", err)
return res, err
}
return res, nil
@ -400,18 +392,11 @@ func (h *Handlers) VerifyCreatePin(ctx context.Context, sym string, input []byte
res.FlagSet = append(res.FlagSet, flag_pin_set)
} else {
res.FlagSet = []uint32{flag_pin_mismatch}
return res, nil
}
// Hash the PIN
hashedPIN, err := common.HashPIN(string(temporaryPin))
err = store.WriteEntry(ctx, sessionId, common.DATA_ACCOUNT_PIN, []byte(temporaryPin))
if err != nil {
logg.ErrorCtxf(ctx, "failed to hash temporaryPin", "error", err)
}
err = store.WriteEntry(ctx, sessionId, common.DATA_ACCOUNT_PIN, []byte(hashedPIN))
if err != nil {
logg.ErrorCtxf(ctx, "failed to write DATA_ACCOUNT_PIN entry with", "key", common.DATA_ACCOUNT_PIN, "value", hashedPIN, "error", err)
logg.ErrorCtxf(ctx, "failed to write temporaryPin entry with", "key", common.DATA_ACCOUNT_PIN, "value", temporaryPin, "error", err)
return res, err
}