This commit is contained in:
parent
c269db5b02
commit
c59b0c8340
SSH key fingerprint:
SHA256:vkXfS9FG2pVNVfvDrzd1VW9n8VJzqqdKQGljxxX8uK8
3 changed files with 110 additions and 95 deletions
|
|
@ -1,14 +1,11 @@
|
|||
package auth
|
||||
|
||||
import (
|
||||
"bytes"
|
||||
"crypto/rand"
|
||||
"time"
|
||||
|
||||
"git.mstar.dev/mstar/goutils/other"
|
||||
"git.mstar.dev/mstar/goutils/sliceutils"
|
||||
"github.com/google/uuid"
|
||||
"golang.org/x/crypto/argon2"
|
||||
"gorm.io/gorm"
|
||||
"gorm.io/gorm/clause"
|
||||
|
||||
|
|
@ -16,33 +13,6 @@ import (
|
|||
"git.mstar.dev/mstar/linstrom/storage-new/models"
|
||||
)
|
||||
|
||||
const saltLen = 32
|
||||
|
||||
func generateSalt(length int) ([]byte, error) {
|
||||
salt := make([]byte, length)
|
||||
if _, err := rand.Read(salt); err != nil {
|
||||
return nil, err
|
||||
}
|
||||
return salt, nil
|
||||
}
|
||||
|
||||
func hashPassword(password string) ([]byte, error) {
|
||||
salt, err := generateSalt(saltLen)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
hash := argon2.IDKey([]byte(password), salt, 1, 64*1024, 4, 32)
|
||||
hash = append(hash, salt...)
|
||||
// return bcrypt.GenerateFromPassword([]byte(password), 14)
|
||||
return hash, nil
|
||||
}
|
||||
|
||||
func comparePassword(password string, hash []byte) bool {
|
||||
salt := hash[len(hash)-saltLen:]
|
||||
|
||||
return bytes.Equal(argon2.IDKey([]byte(password), salt, 1, 64*1024, 4, 32), hash)
|
||||
}
|
||||
|
||||
// Start a login process with a username (NOT account ID) and password
|
||||
// Returns the next state, a token corresponding to that state and error
|
||||
// Token will be empty on failure, error describes the reason for the
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue