Page MenuHomeMusing Studio

No OneTemporary

diff --git a/auth/pass.go b/auth/pass.go
new file mode 100644
index 0000000..3f771cb
--- /dev/null
+++ b/auth/pass.go
@@ -0,0 +1,21 @@
+package auth
+
+import "golang.org/x/crypto/bcrypt"
+
+func clear(b []byte) {
+ for i := 0; i < len(b); i++ {
+ b[i] = 0
+ }
+}
+
+func HashPass(password []byte) ([]byte, error) {
+ // Clear memory where plaintext password was stored.
+ // http://stackoverflow.com/questions/18545676/golang-app-engine-securely-hashing-a-users-password#comment36585613_19828153
+ defer clear(password)
+ // Return hash
+ return bcrypt.GenerateFromPassword(password, 12)
+}
+
+func Authenticated(hash, pass []byte) bool {
+ return bcrypt.CompareHashAndPassword(hash, pass) == nil
+}
diff --git a/auth/pass_test.go b/auth/pass_test.go
new file mode 100644
index 0000000..ffadd6e
--- /dev/null
+++ b/auth/pass_test.go
@@ -0,0 +1,21 @@
+package auth
+
+import "testing"
+
+const pass = "password"
+
+var hash []byte
+
+func TestHash(t *testing.T) {
+ var err error
+ hash, err = HashPass([]byte(pass))
+ if err != nil {
+ t.Error("Password hash failed.")
+ }
+}
+
+func TestAuth(t *testing.T) {
+ if !Authenticated(hash, []byte(pass)) {
+ t.Error("Didn't authenticate.")
+ }
+}

File Metadata

Mime Type
text/x-diff
Expires
Sat, Nov 23, 8:04 AM (1 d, 14 h)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
3104463

Event Timeline