Page Menu
Home
Musing Studio
Search
Configure Global Search
Log In
Files
F10384225
No One
Temporary
Actions
View File
Edit File
Delete File
View Transforms
Subscribe
Mute Notifications
Award Token
Flag For Later
Size
1 KB
Subscribers
None
View Options
diff --git a/auth/pass.go b/auth/pass.go
new file mode 100644
index 0000000..3f771cb
--- /dev/null
+++ b/auth/pass.go
@@ -0,0 +1,21 @@
+package auth
+
+import "golang.org/x/crypto/bcrypt"
+
+func clear(b []byte) {
+ for i := 0; i < len(b); i++ {
+ b[i] = 0
+ }
+}
+
+func HashPass(password []byte) ([]byte, error) {
+ // Clear memory where plaintext password was stored.
+ // http://stackoverflow.com/questions/18545676/golang-app-engine-securely-hashing-a-users-password#comment36585613_19828153
+ defer clear(password)
+ // Return hash
+ return bcrypt.GenerateFromPassword(password, 12)
+}
+
+func Authenticated(hash, pass []byte) bool {
+ return bcrypt.CompareHashAndPassword(hash, pass) == nil
+}
diff --git a/auth/pass_test.go b/auth/pass_test.go
new file mode 100644
index 0000000..ffadd6e
--- /dev/null
+++ b/auth/pass_test.go
@@ -0,0 +1,21 @@
+package auth
+
+import "testing"
+
+const pass = "password"
+
+var hash []byte
+
+func TestHash(t *testing.T) {
+ var err error
+ hash, err = HashPass([]byte(pass))
+ if err != nil {
+ t.Error("Password hash failed.")
+ }
+}
+
+func TestAuth(t *testing.T) {
+ if !Authenticated(hash, []byte(pass)) {
+ t.Error("Didn't authenticate.")
+ }
+}
File Metadata
Details
Attached
Mime Type
text/x-diff
Expires
Sat, Nov 23, 8:04 AM (1 d, 14 h)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
3104463
Attached To
rWC Write.as Web Core
Event Timeline
Log In to Comment