A301/a301_server
2
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

feat: wallet private key export API with password verification
All checks were successful
Server CI/CD / lint-and-build (push) Successful in 39s
Details
Server CI/CD / deploy (push) Successful in 52s
Details

Browse Source
This commit is contained in:
tolelom
2026-03-23 10:52:27 +09:00
parent 10a3f0156b
commit 0cd0d2a402
5 changed files with 75 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
internal/auth/service.go
View File

@@ -535,6 +535,18 @@ func sanitizeForUsername(s string) string {
// If these fail, the admin user exists without a wallet/profile.
// This is acceptable because EnsureAdmin runs once at startup and failures
// are logged as warnings. A restart will skip user creation (already exists).
// VerifyPassword checks if the password matches the user's stored hash.
func (s *Service) VerifyPassword(userID uint, password string) error {
user, err := s.repo.FindByID(userID)
if err != nil {
return fmt.Errorf("user not found")
}
if err := bcrypt.CompareHashAndPassword([]byte(user.PasswordHash), []byte(password)); err != nil {
return fmt.Errorf("invalid password")
}
return nil
}
func (s *Service) EnsureAdmin(username, password string) error {
if _, err := s.repo.FindByUsername(username); err == nil {
return nil