implement hash_password and verify_password

1 files changed, 22 insertions, 5 deletions

diff --git a/src/login/static_provider.rs b/src/login/static_provider.rs
index cc0c8cb..74a6c14 100644
--- a/src/login/static_provider.rs
+++ b/src/login/static_provider.rs
@@ -32,7 +32,7 @@ impl LoginProvider for StaticLoginProvider {
         match self.users.get(username) {
             None => bail!("User {} does not exist", username),
             Some(u) => {
-                if !verify_password(password, &u.password) {
+                if !verify_password(password, &u.password)? {
                     bail!("Wrong password");
                 }
                 let bucket = u
@@ -71,10 +71,27 @@ impl LoginProvider for StaticLoginProvider {
     }
 }
 
-pub fn hash_password(password: &str) -> String {
-    unimplemented!()
+pub fn hash_password(password: &str) -> Result<String> {
+    use argon2::{
+        password_hash::{rand_core::OsRng, PasswordHasher, SaltString},
+        Argon2,
+    };
+    let salt = SaltString::generate(&mut OsRng);
+    let argon2 = Argon2::default();
+    Ok(argon2
+        .hash_password(password.as_bytes(), &salt)
+        .map_err(|e| anyhow!("Argon2 error: {}", e))?
+        .to_string())
 }
 
-pub fn verify_password(password: &str, hash: &str) -> bool {
-    unimplemented!()
+pub fn verify_password(password: &str, hash: &str) -> Result<bool> {
+    use argon2::{
+        password_hash::{rand_core::OsRng, PasswordHash, PasswordVerifier},
+        Argon2,
+    };
+    let parsed_hash =
+        PasswordHash::new(&hash).map_err(|e| anyhow!("Invalid hashed password: {}", e))?;
+    Ok(Argon2::default()
+        .verify_password(password.as_bytes(), &parsed_hash)
+        .is_ok())
 }