lens @ 7dd8040d6d948d41f4e3cf632e868c640f09dd5b

7dd8040d
tar.gz
Gabriel Arakaki Giovanini 
fix: Fix having to login every server reload

diff --git a/pkg/ext/auth.go b/pkg/ext/auth.go
index d9fbfba5d27d98ab72acbb5dec58d6906248723e..ed122bb6b2631d882efac0f6191fe3c29e0dd050 100644
--- a/pkg/ext/auth.go
+++ b/pkg/ext/auth.go
@@ -6,7 +6,7 @@ 	"crypto/aes"
 	"crypto/cipher"
 	"crypto/rand"
 	"encoding/gob"
-	"fmt"
+	"errors"
 	"io"
 )
 
@@ -15,16 +15,6 @@ 	UserID   uint
 	Username string
 }
 
-var nonce []byte
-
-func init() {
-	nonce = make([]byte, 12)
-	if _, err := io.ReadFull(rand.Reader, nonce); err != nil {
-		fmt.Println("Erro while generating nonce " + err.Error())
-		panic(1)
-	}
-}
-
 func ReadToken(data []byte, key []byte) (*Token, error) {
 	block, err := aes.NewCipher(key)
 	if err != nil {
@@ -36,7 +26,13 @@ 	if err != nil {
 		panic(err.Error())
 	}
 
-	plaintext, err := aesgcm.Open(nil, nonce, data, nil)
+	nonceSize := aesgcm.NonceSize()
+	if len(data) < nonceSize {
+		return nil, errors.New("nonce size greater than data's size")
+	}
+
+	nonce, ciphertext := data[:nonceSize], data[nonceSize:]
+	plaintext, err := aesgcm.Open(nil, nonce, ciphertext, nil)
 	if err != nil {
 		return nil, err
 	}
@@ -66,7 +62,11 @@ 	enc := gob.NewEncoder(&buffer)
 	if err := enc.Encode(token); err != nil {
 		return nil, err
 	}
+	nonce := make([]byte, aesgcm.NonceSize())
+	if _, err = io.ReadFull(rand.Reader, nonce); err != nil {
+		return nil, err
+	}
 
-	ciphertext := aesgcm.Seal(nil, nonce, buffer.Bytes(), nil)
+	ciphertext := aesgcm.Seal(nonce, nonce, buffer.Bytes(), nil)
 	return ciphertext, nil
 }