From aa729f94928b87ef805609b2e8c26122a064a9e8 Mon Sep 17 00:00:00 2001
From: ukane-philemon
Date: Sun, 19 Dec 2021 17:00:28 +0100
Subject: [PATCH] Implementing password Hashing[reviewed]
---
 config.go | 2 +-
 vspd.go | 28 +++++++++++++++-------------
 webapi/admin.go | 4 ++--
 webapi/webapi.go | 2 +-
 4 files changed, 19 insertions(+), 17 deletions(-)
diff --git a/config.go b/config.go
index 6af4bfa7..32601f55 100644
--- a/config.go
+++ b/config.go
@@ -269,7 +269,7 @@ func loadConfig() (*config, error) {
 } return nil, err } - + // Set the active network. minRequired := 1 switch cfg.Network {
diff --git a/vspd.go b/vspd.go
index 2729ca6c..2e4d9f89 100644
--- a/vspd.go
+++ b/vspd.go
@@ -41,8 +41,8 @@ func main() {
 //Implementing password hash to increase security for AdminPass //hashPassword hash cfg.AdminPass and returns the hash. func hashPassword(password string) (string, error) { - bytes, err := bcrypt.GenerateFromPassword([]byte(password), 15) - return string(bytes), err + bytes, err := bcrypt.GenerateFromPassword([]byte(password), 15) + return string(bytes), err } // run is the main startup and teardown logic performed by the main package. It 
@@ -86,23 +86,25 @@ func run(ctx context.Context) error {
 hash, err := db.GetAdminHash() //Ensure adminpass option is set - if cfg.AdminPass == "" && err != nil { + if cfg.AdminPass == "" && err != nil { return errors.New("the adminpass option is not set") } - if hash != nil && cfg.AdminPass != "" { - //Hash the cfg.AdminPass value - cfg.AdminPass, err = hashPassword(cfg.AdminPass) + if cfg.AdminPass != "" { + //Hash the cfg.AdminPass value + cfg.AdminPass, err = hashPassword(cfg.AdminPass) - if err != nil { - return fmt.Errorf("Hashing AdminPass Failed: %w", err) - } + if err != nil { + return fmt.Errorf("Hashing AdminPass Failed: %w", err) + } - //if adminpass is set, overwrite the saved adminpass hash in database. - db.UpdateAdminPass(cfg.AdminPass) - + //if adminpass is set, overwrite the saved adminpass hash in database. + db.UpdateAdminPass(cfg.AdminPass) + + } else { + cfg.AdminPass = string(hash) } - + // Create RPC client for local dcrd instance (used for broadcasting and // checking the status of fee transactions). dcrd := rpc.SetupDcrd(cfg.DcrdUser, cfg.DcrdPass, cfg.DcrdHost, cfg.dcrdCert, nil)
diff --git a/webapi/admin.go b/webapi/admin.go
index 7ddd5eb3..1f1df5f5 100644
--- a/webapi/admin.go
+++ b/webapi/admin.go
@@ -202,8 +202,8 @@ func ticketSearch(c *gin.Context) {
 func CheckPasswordHash(hash []byte, password string) bool { err := bcrypt.CompareHashAndPassword(hash, []byte(password)) return err == nil -} +} // adminLogin is the handler for "POST /admin". If a valid password is provided, // the current session will be authenticated as an admin. func adminLogin(c *gin.Context) {
@@ -214,7 +214,7 @@ func adminLogin(c *gin.Context) {
 } ok := CheckPasswordHash(hashedPass, password) - + if !ok { log.Warnf("Failed login attempt from %s", c.ClientIP()) c.HTML(http.StatusUnauthorized, "login.html", gin.H{
diff --git a/webapi/webapi.go b/webapi/webapi.go
index c5083b95..c5f721cc 100644
--- a/webapi/webapi.go
+++ b/webapi/webapi.go
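Review bot: After this hunk cfg.AdminPass holds the bcrypt hash (freshly computed, or `string(hash)` from the database in the new `else` branch), yet the unchanged `"admin": cfg.AdminPass` handed to gin.BasicAuth in the webapi.go hunk still treats that field as the literal Basic-auth password, so the /admin group would now expect the hash string itself and a copy of the stored hash would be enough to authenticate, which defeats the purpose of hashing it; this assumes the webapi config's AdminPass is populated from this value, which the diff does not show. Keep the hash in its own field (for example `cfg.adminHash`) and have the admin group verify credentials with bcrypt.CompareHashAndPassword, as `CheckPasswordHash` in admin.go already does for the login form, instead of reusing gin.BasicAuth's plaintext comparison. The `else` branch also assigns `string(hash)` without checking that the database returned one, so an unset adminpass with a nil hash and nil error leaves cfg.AdminPass empty; add `if len(hash) == 0 { return errors.New("no adminpass hash stored; set the adminpass option") }` before it is used. The result of `db.UpdateAdminPass(cfg.AdminPass)` is dropped, so a failed write would go unnoticed if that call reports an error, and the message in `fmt.Errorf("Hashing AdminPass Failed: %w", err)` should be lowercase per Go convention. run's body continues outside the hunk.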
@@ -255,7 +255,7 @@ func router(debugMode bool, cookieSecret []byte, dcrd rpc.DcrdConnect, wallets r
 basic := router.Group("/admin").Use( withDcrdClient(dcrd), withWalletClients(wallets), gin.BasicAuth(gin.Accounts{ "admin": cfg.AdminPass, - }), + }), ) basic.GET("/status", statusJSON)