30 lines
803 B
Go
30 lines
803 B
Go
package auth
|
|
|
|
import (
|
|
"errors"
|
|
"fmt"
|
|
|
|
"golang.org/x/crypto/bcrypt"
|
|
)
|
|
|
|
// HashPassword returns the bcrypt hash for the given password using the default cost.
|
|
func HashPassword(password string) (string, error) {
|
|
hash, err := bcrypt.GenerateFromPassword([]byte(password), bcrypt.DefaultCost)
|
|
if err != nil {
|
|
return "", fmt.Errorf("hash password: %w", err)
|
|
}
|
|
return string(hash), nil
|
|
}
|
|
|
|
// VerifyPassword compares a bcrypt hash and a plaintext password in constant time.
|
|
func VerifyPassword(hashedPassword, password string) (bool, error) {
|
|
err := bcrypt.CompareHashAndPassword([]byte(hashedPassword), []byte(password))
|
|
if err == nil {
|
|
return true, nil
|
|
}
|
|
if errors.Is(err, bcrypt.ErrMismatchedHashAndPassword) {
|
|
return false, nil
|
|
}
|
|
return false, fmt.Errorf("compare password: %w", err)
|
|
}
|