1
0
Fork 0
mirror of https://github.com/documize/community.git synced 2025-07-24 15:49:44 +02:00

major package structure refactoring

This commit is contained in:
Harvey Kandola 2017-07-18 21:55:17 +01:00
parent 7b8cec9a6c
commit cf58f8164d
73 changed files with 549 additions and 389 deletions

View file

@ -24,12 +24,10 @@ import (
"github.com/documize/community/core/api/request"
"github.com/documize/community/core/api/util"
"github.com/documize/community/core/log"
uuid "github.com/nu7hatch/gouuid"
"github.com/documize/community/core/secrets"
"github.com/gorilla/mux"
_ "github.com/mytrile/mime-ext" // this adds a large number of mime extensions
uuid "github.com/nu7hatch/gouuid"
)
// AttachmentDownload is the end-point that responds to a request for a particular attachment
@ -198,7 +196,7 @@ func AddAttachments(w http.ResponseWriter, r *http.Request) {
a.RefID = refID
a.DocumentID = documentID
a.Job = job
random := util.GenerateSalt()
random := secrets.GenerateSalt()
a.FileID = random[0:9]
a.Filename = filename.Filename
a.Data = b.Bytes()

View file

@ -24,8 +24,8 @@ import (
"github.com/documize/community/core/api/request"
"github.com/documize/community/core/api/util"
"github.com/documize/community/core/log"
"github.com/documize/community/core/secrets"
"github.com/documize/community/core/section/provider"
"github.com/documize/community/core/utility"
"github.com/documize/community/core/web"
)
@ -46,7 +46,7 @@ func Authenticate(w http.ResponseWriter, r *http.Request) {
// decode what we received
data := strings.Replace(authHeader, "Basic ", "", 1)
decodedBytes, err := utility.DecodeBase64([]byte(data))
decodedBytes, err := secrets.DecodeBase64([]byte(data))
if err != nil {
writeBadRequestError(w, method, "Unable to decode authentication token")
return
@ -85,7 +85,7 @@ func Authenticate(w http.ResponseWriter, r *http.Request) {
}
// Password correct and active user
if email != strings.TrimSpace(strings.ToLower(user.Email)) || !util.MatchPassword(user.Password, password, user.Salt) {
if email != strings.TrimSpace(strings.ToLower(user.Email)) || !secrets.MatchPassword(user.Password, password, user.Salt) {
writeUnauthorizedError(w)
return
}

View file

@ -23,10 +23,10 @@ import (
"github.com/documize/community/core/api/plugins"
"github.com/documize/community/core/api/request"
"github.com/documize/community/core/api/store"
"github.com/documize/community/core/log"
"github.com/documize/community/core/utility"
"github.com/documize/community/core/api/util"
"github.com/documize/community/core/log"
"github.com/documize/community/core/streamutil"
"github.com/documize/community/core/stringutil"
"github.com/gorilla/mux"
)
@ -49,8 +49,8 @@ func SearchDocuments(w http.ResponseWriter, r *http.Request) {
// Put in slugs for easy UI display of search URL
for key, result := range results {
result.DocumentSlug = utility.MakeSlug(result.DocumentTitle)
result.FolderSlug = utility.MakeSlug(result.LabelName)
result.DocumentSlug = stringutil.MakeSlug(result.DocumentTitle)
result.FolderSlug = stringutil.MakeSlug(result.LabelName)
results[key] = result
}
@ -362,16 +362,16 @@ func GetDocumentAsDocx(w http.ResponseWriter, r *http.Request) {
html = append(html, []byte("<html><head></head><body>")...)
for _, page := range pages {
html = append(html, []byte(fmt.Sprintf("<h%d>", page.Level))...)
html = append(html, utility.EscapeHTMLcomplexCharsByte([]byte(page.Title))...)
html = append(html, stringutil.EscapeHTMLcomplexCharsByte([]byte(page.Title))...)
html = append(html, []byte(fmt.Sprintf("</h%d>", page.Level))...)
html = append(html, utility.EscapeHTMLcomplexCharsByte([]byte(page.Body))...)
html = append(html, stringutil.EscapeHTMLcomplexCharsByte([]byte(page.Body))...)
}
html = append(html, []byte("</body></html>")...)
export, err := store.ExportAs(xtn, string(html))
log.Error("store.ExportAs()", err)
w.Header().Set("Content-Disposition", "attachment; filename="+utility.MakeSlug(document.Title)+"."+xtn)
w.Header().Set("Content-Disposition", "attachment; filename="+stringutil.MakeSlug(document.Title)+"."+xtn)
w.Header().Set("Content-Type", "application/octet-stream")
w.Header().Set("Content-Length", fmt.Sprintf("%d", len(export.File)))
@ -402,7 +402,7 @@ func UpdateDocument(w http.ResponseWriter, r *http.Request) {
return
}
defer utility.Close(r.Body)
defer streamutil.Close(r.Body)
body, err := ioutil.ReadAll(r.Body)
if err != nil {

View file

@ -21,14 +21,14 @@ import (
jwt "github.com/dgrijalva/jwt-go"
"github.com/documize/community/core/api/request"
"github.com/documize/community/core/environment"
"github.com/documize/community/core/env"
"github.com/documize/community/core/log"
)
var jwtKey string
func init() {
environment.GetString(&jwtKey, "salt", false, "the salt string used to encode JWT tokens, if not set a random value will be generated",
env.GetString(&jwtKey, "salt", false, "the salt string used to encode JWT tokens, if not set a random value will be generated",
func(t *string, n string) bool {
if jwtKey == "" {
b := make([]byte, 17)

View file

@ -12,24 +12,27 @@
package endpoint
import (
"bytes"
"database/sql"
"encoding/json"
"errors"
"fmt"
"io/ioutil"
"net/http"
"net/url"
"obiwan/utility"
"sort"
"strconv"
"strings"
"bytes"
"errors"
"github.com/documize/community/core/api/endpoint/models"
"github.com/documize/community/core/api/entity"
"github.com/documize/community/core/api/request"
"github.com/documize/community/core/api/util"
"github.com/documize/community/core/log"
"github.com/documize/community/core/utility"
"sort"
"strconv"
"github.com/documize/community/core/secrets"
"github.com/documize/community/core/streamutil"
"github.com/documize/community/core/stringutil"
)
// AuthenticateKeycloak checks Keycloak authentication credentials.
@ -37,7 +40,7 @@ func AuthenticateKeycloak(w http.ResponseWriter, r *http.Request) {
method := "AuthenticateKeycloak"
p := request.GetPersister(r)
defer utility.Close(r.Body)
defer streamutil.Close(r.Body)
body, err := ioutil.ReadAll(r.Body)
if err != nil {
writeBadRequestError(w, method, "Bad payload")
@ -118,9 +121,9 @@ func AuthenticateKeycloak(w http.ResponseWriter, r *http.Request) {
user.Firstname = a.Firstname
user.Lastname = a.Lastname
user.Email = a.Email
user.Initials = utility.MakeInitials(user.Firstname, user.Lastname)
user.Salt = util.GenerateSalt()
user.Password = util.GeneratePassword(util.GenerateRandomPassword(), user.Salt)
user.Initials = stringutil.MakeInitials(user.Firstname, user.Lastname)
user.Salt = secrets.GenerateSalt()
user.Password = secrets.GeneratePassword(secrets.GenerateRandomPassword(), user.Salt)
err = addUser(p, &user, ac.DefaultPermissionAddSpace)
if err != nil {
@ -429,7 +432,7 @@ func KeycloakUsers(c keycloakConfig) (users []entity.User, err error) {
u.Email = kc.Email
u.Firstname = kc.Firstname
u.Lastname = kc.Lastname
u.Initials = utility.MakeInitials(u.Firstname, u.Lastname)
u.Initials = stringutil.MakeInitials(u.Firstname, u.Lastname)
u.Active = kc.Enabled
u.Editor = false

View file

@ -27,7 +27,9 @@ import (
"github.com/documize/community/core/api/request"
"github.com/documize/community/core/api/util"
"github.com/documize/community/core/log"
"github.com/documize/community/core/utility"
"github.com/documize/community/core/secrets"
"github.com/documize/community/core/streamutil"
"github.com/documize/community/core/stringutil"
)
// AddFolder creates a new folder.
@ -45,7 +47,7 @@ func AddFolder(w http.ResponseWriter, r *http.Request) {
return
}
defer utility.Close(r.Body)
defer streamutil.Close(r.Body)
body, err := ioutil.ReadAll(r.Body)
if err != nil {
@ -221,7 +223,7 @@ func UpdateFolder(w http.ResponseWriter, r *http.Request) {
return
}
defer utility.Close(r.Body)
defer streamutil.Close(r.Body)
body, err := ioutil.ReadAll(r.Body)
if err != nil {
@ -432,7 +434,7 @@ func SetFolderPermissions(w http.ResponseWriter, r *http.Request) {
return
}
defer utility.Close(r.Body)
defer streamutil.Close(r.Body)
body, err := ioutil.ReadAll(r.Body)
if err != nil {
@ -490,7 +492,7 @@ func SetFolderPermissions(w http.ResponseWriter, r *http.Request) {
hasEveryoneRole := false
roleCount := 0
url := p.Context.GetAppURL(fmt.Sprintf("s/%s/%s", label.RefID, utility.MakeSlug(label.Name)))
url := p.Context.GetAppURL(fmt.Sprintf("s/%s/%s", label.RefID, stringutil.MakeSlug(label.Name)))
for _, role := range model.Roles {
role.OrgID = p.Context.OrgID
@ -625,7 +627,7 @@ func AcceptSharedFolder(w http.ResponseWriter, r *http.Request) {
p.Context.OrgID = org.RefID
defer utility.Close(r.Body)
defer streamutil.Close(r.Body)
body, err := ioutil.ReadAll(r.Body)
if err != nil {
@ -666,7 +668,7 @@ func AcceptSharedFolder(w http.ResponseWriter, r *http.Request) {
user.Firstname = model.Firstname
user.Lastname = model.Lastname
user.Initials = utility.MakeInitials(user.Firstname, user.Lastname)
user.Initials = stringutil.MakeInitials(user.Firstname, user.Lastname)
tx, err := request.Db.Beginx()
@ -687,9 +689,9 @@ func AcceptSharedFolder(w http.ResponseWriter, r *http.Request) {
p.Context.UserID = user.RefID
salt := util.GenerateSalt()
salt := secrets.GenerateSalt()
log.IfErr(p.UpdateUserPassword(user.RefID, salt, util.GeneratePassword(model.Password, salt)))
log.IfErr(p.UpdateUserPassword(user.RefID, salt, secrets.GeneratePassword(model.Password, salt)))
if err != nil {
log.IfErr(tx.Rollback())
@ -735,7 +737,7 @@ func InviteToFolder(w http.ResponseWriter, r *http.Request) {
return
}
defer utility.Close(r.Body)
defer streamutil.Close(r.Body)
body, err := ioutil.ReadAll(r.Body)
if err != nil {
@ -831,13 +833,13 @@ func InviteToFolder(w http.ResponseWriter, r *http.Request) {
return
}
url := p.Context.GetAppURL(fmt.Sprintf("s/%s/%s", label.RefID, utility.MakeSlug(label.Name)))
url := p.Context.GetAppURL(fmt.Sprintf("s/%s/%s", label.RefID, stringutil.MakeSlug(label.Name)))
go mail.ShareFolderExistingUser(email, inviter.Fullname(), url, label.Name, model.Message)
log.Info(fmt.Sprintf("%s is sharing space %s with existing user %s", inviter.Email, label.Name, email))
} else {
// On-board new user
if strings.Contains(email, "@") {
url := p.Context.GetAppURL(fmt.Sprintf("auth/share/%s/%s", label.RefID, utility.MakeSlug(label.Name)))
url := p.Context.GetAppURL(fmt.Sprintf("auth/share/%s/%s", label.RefID, stringutil.MakeSlug(label.Name)))
err = inviteNewUserToSharedFolder(p, email, inviter, url, label, model.Message)
if err != nil {
@ -882,9 +884,9 @@ func inviteNewUserToSharedFolder(p request.Persister, email string, invitedBy en
user.Email = email
user.Firstname = email
user.Lastname = ""
user.Salt = util.GenerateSalt()
requestedPassword := util.GenerateRandomPassword()
user.Password = util.GeneratePassword(requestedPassword, user.Salt)
user.Salt = secrets.GenerateSalt()
requestedPassword := secrets.GenerateRandomPassword()
user.Password = secrets.GeneratePassword(requestedPassword, user.Salt)
userID := util.UniqueID()
user.RefID = userID

View file

@ -21,7 +21,7 @@ import (
"github.com/documize/community/core/api/entity"
"github.com/documize/community/core/api/request"
"github.com/documize/community/core/log"
"github.com/documize/community/core/utility"
"github.com/documize/community/core/stringutil"
)
// GetMeta provides org meta data based upon request domain (e.g. acme.documize.com).
@ -141,7 +141,7 @@ func GetSitemap(w http.ResponseWriter, r *http.Request) {
for _, folder := range folders {
var item sitemapItem
item.URL = p.Context.GetAppURL(fmt.Sprintf("s/%s/%s", folder.RefID, utility.MakeSlug(folder.Name)))
item.URL = p.Context.GetAppURL(fmt.Sprintf("s/%s/%s", folder.RefID, stringutil.MakeSlug(folder.Name)))
item.Date = folder.Revised.Format("2006-01-02T15:04:05.999999-07:00")
items = append(items, item)
}
@ -156,7 +156,7 @@ func GetSitemap(w http.ResponseWriter, r *http.Request) {
for _, document := range documents {
var item sitemapItem
item.URL = p.Context.GetAppURL(fmt.Sprintf("s/%s/%s/d/%s/%s",
document.FolderID, utility.MakeSlug(document.Folder), document.DocumentID, utility.MakeSlug(document.Document)))
document.FolderID, stringutil.MakeSlug(document.Folder), document.DocumentID, stringutil.MakeSlug(document.Document)))
item.Date = document.Revised.Format("2006-01-02T15:04:05.999999-07:00")
items = append(items, item)
}

View file

@ -21,8 +21,7 @@ import (
"github.com/documize/community/core/api/entity"
"github.com/documize/community/core/api/request"
"github.com/documize/community/core/log"
"github.com/documize/community/core/utility"
"github.com/documize/community/core/streamutil"
"github.com/gorilla/mux"
)
@ -66,7 +65,7 @@ func UpdateOrganization(w http.ResponseWriter, r *http.Request) {
return
}
defer utility.Close(r.Body)
defer streamutil.Close(r.Body)
body, err := ioutil.ReadAll(r.Body)
if err != nil {

View file

@ -25,9 +25,8 @@ import (
"github.com/documize/community/core/api/util"
"github.com/documize/community/core/log"
"github.com/documize/community/core/section/provider"
"github.com/documize/community/core/utility"
"github.com/documize/community/core/streamutil"
htmldiff "github.com/documize/html-diff"
"github.com/gorilla/mux"
)
@ -54,7 +53,7 @@ func AddDocumentPage(w http.ResponseWriter, r *http.Request) {
return
}
defer utility.Close(r.Body)
defer streamutil.Close(r.Body)
body, err := ioutil.ReadAll(r.Body)
if err != nil {
@ -260,7 +259,7 @@ func GetDocumentPagesBatch(w http.ResponseWriter, r *http.Request) {
return
}
defer utility.Close(r.Body)
defer streamutil.Close(r.Body)
body, err := ioutil.ReadAll(r.Body)
if err != nil {
@ -389,7 +388,7 @@ func DeleteDocumentPages(w http.ResponseWriter, r *http.Request) {
return
}
defer utility.Close(r.Body)
defer streamutil.Close(r.Body)
body, err := ioutil.ReadAll(r.Body)
if err != nil {
writeBadRequestError(w, method, "Bad body")
@ -480,7 +479,7 @@ func UpdateDocumentPage(w http.ResponseWriter, r *http.Request) {
return
}
defer utility.Close(r.Body)
defer streamutil.Close(r.Body)
body, err := ioutil.ReadAll(r.Body)
if err != nil {
writeBadRequestError(w, method, "Bad request body")
@ -585,7 +584,7 @@ func ChangeDocumentPageSequence(w http.ResponseWriter, r *http.Request) {
return
}
defer utility.Close(r.Body)
defer streamutil.Close(r.Body)
body, err := ioutil.ReadAll(r.Body)
if err != nil {
@ -650,7 +649,7 @@ func ChangeDocumentPageLevel(w http.ResponseWriter, r *http.Request) {
return
}
defer utility.Close(r.Body)
defer streamutil.Close(r.Body)
body, err := ioutil.ReadAll(r.Body)
if err != nil {

View file

@ -22,7 +22,7 @@ import (
"github.com/documize/community/core/api/util"
"github.com/documize/community/core/log"
"github.com/documize/community/core/section/provider"
"github.com/documize/community/core/utility"
"github.com/documize/community/core/streamutil"
"github.com/gorilla/mux"
)
@ -198,7 +198,7 @@ func AddBlock(w http.ResponseWriter, r *http.Request) {
method := "AddBlock"
p := request.GetPersister(r)
defer utility.Close(r.Body)
defer streamutil.Close(r.Body)
body, err := ioutil.ReadAll(r.Body)
if err != nil {
@ -329,7 +329,7 @@ func UpdateBlock(w http.ResponseWriter, r *http.Request) {
return
}
defer utility.Close(r.Body)
defer streamutil.Close(r.Body)
body, err := ioutil.ReadAll(r.Body)
if err != nil {
writeBadRequestError(w, method, "Bad payload")

View file

@ -21,7 +21,7 @@ import (
"github.com/documize/community/core"
"github.com/documize/community/core/api/plugins"
"github.com/documize/community/core/database"
"github.com/documize/community/core/environment"
"github.com/documize/community/core/env"
"github.com/documize/community/core/log"
"github.com/documize/community/core/web"
"github.com/gorilla/mux"
@ -45,10 +45,10 @@ func init() {
Product.License.Trial = false
Product.License.Edition = "Community"
environment.GetString(&certFile, "cert", false, "the cert.pem file used for https", nil)
environment.GetString(&keyFile, "key", false, "the key.pem file used for https", nil)
environment.GetString(&port, "port", false, "http/https port number", nil)
environment.GetString(&forcePort2SSL, "forcesslport", false, "redirect given http port number to TLS", nil)
env.GetString(&certFile, "cert", false, "the cert.pem file used for https", nil)
env.GetString(&keyFile, "key", false, "the key.pem file used for https", nil)
env.GetString(&port, "port", false, "http/https port number", nil)
env.GetString(&forcePort2SSL, "forcesslport", false, "redirect given http port number to TLS", nil)
log.Info("Server.Init complete")
}

View file

@ -12,16 +12,13 @@
package endpoint
import (
"database/sql"
"encoding/json"
"errors"
"fmt"
"io/ioutil"
"net/http"
"database/sql"
"github.com/gorilla/mux"
"github.com/documize/community/core/api/convert"
"github.com/documize/community/core/api/endpoint/models"
"github.com/documize/community/core/api/entity"
@ -30,8 +27,10 @@ import (
api "github.com/documize/community/core/convapi"
"github.com/documize/community/core/event"
"github.com/documize/community/core/log"
"github.com/documize/community/core/utility"
"github.com/documize/community/core/secrets"
"github.com/documize/community/core/streamutil"
"github.com/documize/community/core/stringutil"
"github.com/gorilla/mux"
uuid "github.com/nu7hatch/gouuid"
)
@ -51,7 +50,7 @@ func SaveAsTemplate(w http.ResponseWriter, r *http.Request) {
Excerpt string
}
defer utility.Close(r.Body)
defer streamutil.Close(r.Body)
body, err := ioutil.ReadAll(r.Body)
if err != nil {
@ -331,7 +330,7 @@ func StartDocumentFromSavedTemplate(w http.ResponseWriter, r *http.Request) {
return
}
defer utility.Close(r.Body)
defer streamutil.Close(r.Body)
body, err := ioutil.ReadAll(r.Body)
if err != nil {
writeBadRequestError(w, method, "Bad payload")
@ -345,7 +344,7 @@ func StartDocumentFromSavedTemplate(w http.ResponseWriter, r *http.Request) {
d.Title = docTitle
d.Location = fmt.Sprintf("template-%s", templateID)
d.Excerpt = "A new document"
d.Slug = utility.MakeSlug(d.Title)
d.Slug = stringutil.MakeSlug(d.Title)
d.Tags = ""
d.LabelID = folderID
documentID := util.UniqueID()
@ -439,7 +438,7 @@ func StartDocumentFromSavedTemplate(w http.ResponseWriter, r *http.Request) {
for _, a := range attachments {
a.DocumentID = documentID
a.Job = newUUID.String()
random := util.GenerateSalt()
random := secrets.GenerateSalt()
a.FileID = random[0:9]
attachmentID := util.UniqueID()
a.RefID = attachmentID

View file

@ -18,6 +18,8 @@ import (
"io/ioutil"
"net/http"
"net/url"
"obiwan/utility"
"strconv"
"strings"
"github.com/documize/community/core/api/entity"
@ -25,12 +27,12 @@ import (
"github.com/documize/community/core/api/request"
"github.com/documize/community/core/api/util"
api "github.com/documize/community/core/convapi"
"github.com/documize/community/core/log"
"github.com/documize/community/core/utility"
"github.com/documize/community/core/event"
"github.com/documize/community/core/log"
"github.com/documize/community/core/secrets"
"github.com/documize/community/core/streamutil"
"github.com/documize/community/core/stringutil"
"github.com/gorilla/mux"
"strconv"
)
// AddUser is the endpoint that enables an administrator to add a new user for their orgaisation.
@ -48,7 +50,7 @@ func AddUser(w http.ResponseWriter, r *http.Request) {
return
}
defer utility.Close(r.Body)
defer streamutil.Close(r.Body)
body, err := ioutil.ReadAll(r.Body)
if err != nil {
@ -85,12 +87,12 @@ func AddUser(w http.ResponseWriter, r *http.Request) {
return
}
userModel.Initials = utility.MakeInitials(userModel.Firstname, userModel.Lastname)
userModel.Initials = stringutil.MakeInitials(userModel.Firstname, userModel.Lastname)
// generate secrets
requestedPassword := util.GenerateRandomPassword()
userModel.Salt = util.GenerateSalt()
userModel.Password = util.GeneratePassword(requestedPassword, userModel.Salt)
requestedPassword := secrets.GenerateRandomPassword()
userModel.Salt = secrets.GenerateSalt()
userModel.Password = secrets.GeneratePassword(requestedPassword, userModel.Salt)
// only create account if not dupe
addUser := true
@ -419,7 +421,7 @@ func UpdateUser(w http.ResponseWriter, r *http.Request) {
return
}
defer utility.Close(r.Body)
defer streamutil.Close(r.Body)
body, err := ioutil.ReadAll(r.Body)
if err != nil {
@ -457,7 +459,7 @@ func UpdateUser(w http.ResponseWriter, r *http.Request) {
p.Context.Transaction = tx
user.RefID = userID
user.Initials = utility.MakeInitials(user.Firstname, user.Lastname)
user.Initials = stringutil.MakeInitials(user.Firstname, user.Lastname)
err = p.UpdateUser(user)
@ -516,7 +518,7 @@ func ChangeUserPassword(w http.ResponseWriter, r *http.Request) {
return
}
defer utility.Close(r.Body)
defer streamutil.Close(r.Body)
body, err := ioutil.ReadAll(r.Body)
if err != nil {
@ -548,9 +550,9 @@ func ChangeUserPassword(w http.ResponseWriter, r *http.Request) {
return
}
user.Salt = util.GenerateSalt()
user.Salt = secrets.GenerateSalt()
err = p.UpdateUserPassword(userID, user.Salt, util.GeneratePassword(newPassword, user.Salt))
err = p.UpdateUserPassword(userID, user.Salt, secrets.GeneratePassword(newPassword, user.Salt))
if err != nil {
writeGeneralSQLError(w, method, err)
@ -604,7 +606,7 @@ func ForgotUserPassword(w http.ResponseWriter, r *http.Request) {
method := "ForgotUserPassword"
p := request.GetPersister(r)
defer utility.Close(r.Body)
defer streamutil.Close(r.Body)
body, err := ioutil.ReadAll(r.Body)
if err != nil {
@ -629,7 +631,7 @@ func ForgotUserPassword(w http.ResponseWriter, r *http.Request) {
p.Context.Transaction = tx
token := util.GenerateSalt()
token := secrets.GenerateSalt()
err = p.ForgotUserPassword(user.Email, token)
@ -667,7 +669,7 @@ func ResetUserPassword(w http.ResponseWriter, r *http.Request) {
return
}
defer utility.Close(r.Body)
defer streamutil.Close(r.Body)
body, err := ioutil.ReadAll(r.Body)
if err != nil {
@ -696,9 +698,9 @@ func ResetUserPassword(w http.ResponseWriter, r *http.Request) {
return
}
user.Salt = util.GenerateSalt()
user.Salt = secrets.GenerateSalt()
err = p.UpdateUserPassword(user.RefID, user.Salt, util.GeneratePassword(newPassword, user.Salt))
err = p.UpdateUserPassword(user.RefID, user.Salt, secrets.GeneratePassword(newPassword, user.Salt))
if err != nil {
log.IfErr(tx.Rollback())