refactor: moved hashing logic into application layer for security;

fix: error handling in auth service for database; refactor: removed redundant taken email check; chore: removed todos that were completed/not needed; fix: leaking transactions in complete registration and login on error; refactor: got rid of txless requests during transactions;
2025-07-06 13:01:00 +03:00
parent 5e32c3cbd3
commit 333817c9e1
9 changed files with 177 additions and 121 deletions
--- a/backend/internal/utils/codes.go
+++ b/backend/internal/utils/codes.go
@@ -0,0 +1,37 @@
+// Copyright (c) 2025 Nikolai Papin
+// 
+// This file is part of Easywish
+// 
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+// 
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See
+// the GNU General Public License for more details.
+// 
+// You should have received a copy of the GNU General Public License
+// along with this program.  If not, see <https://www.gnu.org/licenses/>.
+
+package utils
+
+import (
+	"crypto/rand"
+	"fmt"
+	"io"
+)
+
+func GenerateSecure6DigitNumber() (string, error) {
+	maxNumber := 1000000
+	b := make([]byte, 4)
+
+	if _, err := io.ReadFull(rand.Reader, b); err != nil {
+		return "", fmt.Errorf("failed to read random bytes: %w", err)
+	}
+
+	num := int(uint32(b[0])<<24 | uint32(b[1])<<16 | uint32(b[2])<<8 | uint32(b[3])) % maxNumber
+
+	return fmt.Sprintf("%06d", num), nil
+}