This is an automated email from the ASF dual-hosted git repository.
littlecui pushed a commit to branch v1.x
in repository https://gitbox.apache.org/repos/asf/servicecomb-service-center.git
The following commit(s) were added to refs/heads/v1.x by this push:
new d4b067a increase token signing performance (#923)
d4b067a is described below
commit d4b067a12719a182cbce76ccfb39e12014120600
Author: Shawn <[email protected]>
AuthorDate: Mon Mar 29 09:59:03 2021 +0800
increase token signing performance (#923)
---
.gitignore | 1 +
pkg/privacy/password.go | 12 ++----------
pkg/privacy/password_test.go | 34 ++++++++++++++++++++++++++++++++++
server/service/rbac/authr_plugin.go | 8 --------
version/version.go | 3 ++-
5 files changed, 39 insertions(+), 19 deletions(-)
diff --git a/.gitignore b/.gitignore
index 4de89d4..1ae2400 100644
--- a/.gitignore
+++ b/.gitignore
@@ -38,3 +38,4 @@ docs/_templates
/cmd/scctl/scctl
/cmd/scserver/scserver
/cmd/syncer/syncer
+main
\ No newline at end of file
diff --git a/pkg/privacy/password.go b/pkg/privacy/password.go
index 3ffbb0a..66f4ae2 100644
--- a/pkg/privacy/password.go
+++ b/pkg/privacy/password.go
@@ -26,10 +26,7 @@ import (
)
const (
- algBcrypt = "$2a$"
- algBcrypt2 = "$2b$"
- algBcrypt3 = "$2x$"
- algBcrypt4 = "$2y$"
+ algBcrypt = "$2a$"
)
//HashPassword
@@ -49,7 +46,7 @@ func ScryptPassword(pwd string) (string, error) {
return string(hash), nil
}
func SamePassword(hashedPwd, pwd string) bool {
- if isEncodedByBcrypt(hashedPwd) {
+ if strings.HasPrefix(hashedPwd, algBcrypt) {
err := bcrypt.CompareHashAndPassword([]byte(hashedPwd),
[]byte(pwd))
if err == bcrypt.ErrMismatchedHashAndPassword {
log.Warn("incorrect password attempts")
@@ -63,8 +60,3 @@ func SamePassword(hashedPwd, pwd string) bool {
return err == nil
}
-func isEncodedByBcrypt(hashedPwd string) bool {
- return strings.HasPrefix(hashedPwd, algBcrypt) ||
- strings.HasPrefix(hashedPwd, algBcrypt2) ||
- strings.HasPrefix(hashedPwd, algBcrypt3) ||
strings.HasPrefix(hashedPwd, algBcrypt4)
-}
diff --git a/pkg/privacy/password_test.go b/pkg/privacy/password_test.go
index 056f15f..c4ad3dd 100644
--- a/pkg/privacy/password_test.go
+++ b/pkg/privacy/password_test.go
@@ -37,3 +37,37 @@ func TestHashPassword(t *testing.T) {
sameMac := privacy.SamePassword(mac, "test")
assert.True(t, sameMac)
}
+func BenchmarkBcrypt(b *testing.B) {
+ h, _ := privacy.HashPassword("test")
+ for i := 0; i < b.N; i++ {
+ same := privacy.SamePassword(h, "test")
+ if !same {
+ panic("")
+ }
+
+ }
+ b.ReportAllocs()
+}
+func BenchmarkScrypt(b *testing.B) {
+ h, _ := privacy.ScryptPassword("test")
+ for i := 0; i < b.N; i++ {
+ same := privacy.SamePassword(h, "test")
+ if !same {
+ panic("")
+ }
+
+ }
+ b.ReportAllocs()
+}
+func BenchmarkScryptP(b *testing.B) {
+ h, _ := privacy.ScryptPassword("test")
+ b.RunParallel(func(pb *testing.PB) {
+ for pb.Next() {
+ same := privacy.SamePassword(h, "test")
+ if !same {
+ panic("")
+ }
+ }
+ })
+ b.ReportAllocs()
+}
diff --git a/server/service/rbac/authr_plugin.go
b/server/service/rbac/authr_plugin.go
index cfcfc72..3f4f013 100644
--- a/server/service/rbac/authr_plugin.go
+++ b/server/service/rbac/authr_plugin.go
@@ -45,14 +45,6 @@ func (a *EmbeddedAuthenticator) Login(ctx context.Context,
user string, password
for _, o := range opts {
o(opt)
}
- exist, err := dao.AccountExist(ctx, user)
- if err != nil {
- log.Error("check account err", err)
- return "", err
- }
- if !exist {
- return "", ErrUnauthorized
- }
account, err := dao.GetAccount(ctx, user)
if err != nil {
log.Error("get account err", err)
diff --git a/version/version.go b/version/version.go
index 640835c..bac9d39 100644
--- a/version/version.go
+++ b/version/version.go
@@ -19,8 +19,9 @@ package version
import (
"fmt"
- "github.com/apache/servicecomb-service-center/pkg/log"
"runtime"
+
+ "github.com/apache/servicecomb-service-center/pkg/log"
)
var (
