short url web page v1

pkg/cookie/cookie.go

@@ -0,0 +1,41 @@
+package cookie
+
+import (
+	"net/http"
+	"time"
+)
+
+const (
+	AuthorizeName = "authorize"
+)
+
+func NewCookie(name, value string, expired time.Time) *http.Cookie {
+	return &http.Cookie{
+		Name:     name,
+		Value:    value,
+		Path:     "/",
+		Secure:   false, // true->只能https站点操作
+		HttpOnly: true,  // true->js不能捕获
+		Expires:  expired,
+	}
+}
+
+func SetCookie(w http.ResponseWriter, name, value string, expired time.Time) {
+	cookie := NewCookie(name, value, expired)
+	http.SetCookie(w, cookie)
+}
+
+func ReadCookie(r *http.Request, name string) (string, error) {
+	cookie, err := r.Cookie(name)
+	if err != nil {
+		return "", err
+	}
+
+	return cookie.Value, nil
+}
+
+func DeleteCookie(w http.ResponseWriter, name string) {
+	cookie := NewCookie(name, "", time.Now().Add(time.Duration(-10)*time.Second))
+	cookie.MaxAge = -1
+	http.SetCookie(w, cookie)
+}

pkg/logger/logger.go

@@ -0,0 +1,33 @@
+package logger
+
+import (
+	"github.com/natefinch/lumberjack"
+	"go.uber.org/zap"
+	"go.uber.org/zap/zapcore"
+)
+
+var Logger *zap.SugaredLogger
+
+func NewLogger() {
+	core := zapcore.NewCore(getEncoder(), getLogWriter(), zapcore.DebugLevel)
+	logger := zap.New(core, zap.AddCaller())
+	Logger = logger.Sugar()
+}
+
+func getEncoder() zapcore.Encoder {
+	encoderConfig := zap.NewProductionEncoderConfig()
+	encoderConfig.EncodeTime = zapcore.ISO8601TimeEncoder
+	encoderConfig.EncodeLevel = zapcore.CapitalLevelEncoder
+	return zapcore.NewConsoleEncoder(encoderConfig)
+}
+
+func getLogWriter() zapcore.WriteSyncer {
+	lumberJackLogger := &lumberjack.Logger{
+		Filename:   "./log/run.log", // 日志文件的位置
+		MaxSize:    10,              // 在进行切割之前，日志文件的最大大小（以MB为单位）
+		MaxBackups: 100,             // 保留旧文件的最大个数
+		MaxAge:     365,             // 保留旧文件的最大天数
+		Compress:   false,           // 是否压缩/归档旧文件
+	}
+	return zapcore.AddSync(lumberJackLogger)
+}

pkg/password/password.go

@@ -0,0 +1,79 @@
+package password
+
+import (
+	"crypto/rand"
+	"encoding/hex"
+	"fmt"
+	"strings"
+
+	"golang.org/x/crypto/bcrypt"
+	"golang.org/x/crypto/scrypt"
+)
+
+// ******************** scrypt ********************
+
+// ScryptHashPassword scrypt 加密
+// password 原始密码
+func ScryptHashPassword(password string) (string, error) {
+	// example for making salt - https://play.golang.org/p/_Aw6WeWC42I
+	salt := make([]byte, 32)
+	_, err := rand.Read(salt)
+	if err != nil {
+		return "", err
+	}
+
+	// using recommended cost parameters from - https://godoc.org/golang.org/x/crypto/scrypt
+	shash, err := scrypt.Key([]byte(password), salt, 32768, 8, 1, 32)
+	if err != nil {
+		return "", err
+	}
+
+	// return hex-encoded string with salt appended to password
+	hashedPW := fmt.Sprintf("%s.%s", hex.EncodeToString(shash), hex.EncodeToString(salt))
+
+	return hashedPW, nil
+}
+
+// ScryptComparePassword 判断密码是否正确
+// storedPassword 加密密码
+// suppliedPassword 原始密码
+func ScryptComparePassword(storedPassword string, suppliedPassword string) error {
+	pwsalt := strings.Split(storedPassword, ".")
+
+	// check supplied password salted with hash
+	salt, err := hex.DecodeString(pwsalt[1])
+
+	if err != nil {
+		return fmt.Errorf("unable to verify user password")
+	}
+
+	shash, err := scrypt.Key([]byte(suppliedPassword), salt, 32768, 8, 1, 32)
+	if err != nil {
+		return err
+	}
+
+	if hex.EncodeToString(shash) == pwsalt[0] {
+		return nil
+	}
+
+	return fmt.Errorf("password error")
+}
+
+// ******************** bcrypt ********************
+
+// BcryptHashPassword bcrypt 加密
+// password 原始密码
+func BcryptHashPassword(password string) (string, error) {
+	hashedPassword, err := bcrypt.GenerateFromPassword([]byte(password), bcrypt.DefaultCost)
+	if err != nil {
+		return "", fmt.Errorf("failed to hash password: %w", err)
+	}
+	return string(hashedPassword), nil
+}
+
+// BcryptComparePassword 判断密码是否正确
+// hashedPassword 加密密码
+// password 原始密码
+func BcryptComparePassword(hashedPassword string, password string) error {
+	return bcrypt.CompareHashAndPassword([]byte(hashedPassword), []byte(password))
+}