1 files changed, 25 insertions, 3 deletions

diff --git a/db/user.go b/db/user.go
index 37c0744..c1f2efe 100644
--- a/db/user.go
+++ b/db/user.go
@@ -30,6 +30,17 @@ func saltPassword(password string, salt []byte) []byte {
 }
 
 
+func hashPassword(password string, salt []byte) ([]byte, error) {
+	salted := saltPassword(password, salt)
+	hash, err := bcrypt.GenerateFromPassword(salted, bcrypt.DefaultCost)
+	if err != nil {
+		return []byte{}, err
+	}
+
+	return hash, nil
+}
+
+
 func (p *Phlox) CreateUser(username, password string) (User, error) {
 	user := User{}
 
@@ -44,9 +55,7 @@ func (p *Phlox) CreateUser(username, password string) (User, error) {
 		return user, err
 	}
 
-	salted := saltPassword(password, salt)
-
-	hash, err := bcrypt.GenerateFromPassword(salted, bcrypt.DefaultCost)
+	hash, err := hashPassword(password, salt)
 	if err != nil {
 		return user, err
 	}
@@ -69,6 +78,19 @@ func (p *Phlox) CreateUser(username, password string) (User, error) {
 
 
 
+func (p *Phlox) SetPassword(user User, password string) error {
+	hash, err := hashPassword(password, user.Salt)
+	if err != nil {
+		return err
+	}
+	hash64 := base64.StdEncoding.EncodeToString(hash)
+
+	_, err = p.db.Exec("update users set passwordhash=? where userid=?;", hash64, user.Id)
+	return err
+}
+
+
+
 func extractUser(s Scanner) (User, error) {
 	var userid int
 	var username string