diff options
author | Alex Auvolat <alex@adnab.me> | 2022-05-20 11:45:13 +0200 |
---|---|---|
committer | Alex Auvolat <alex@adnab.me> | 2022-05-20 11:45:13 +0200 |
commit | addaf087abfaa9fd41f75ce0c2181a2df48a972a (patch) | |
tree | 895bae8cb4cda0e76c50ae6a88850ef119550095 /src/login | |
parent | f254f3370df1da79552401e54e50987aa59890ca (diff) | |
download | aerogramme-addaf087abfaa9fd41f75ce0c2181a2df48a972a.tar.gz aerogramme-addaf087abfaa9fd41f75ce0c2181a2df48a972a.zip |
implement hash_password and verify_password
Diffstat (limited to 'src/login')
-rw-r--r-- | src/login/static_provider.rs | 27 |
1 files changed, 22 insertions, 5 deletions
diff --git a/src/login/static_provider.rs b/src/login/static_provider.rs index cc0c8cb..74a6c14 100644 --- a/src/login/static_provider.rs +++ b/src/login/static_provider.rs @@ -32,7 +32,7 @@ impl LoginProvider for StaticLoginProvider { match self.users.get(username) { None => bail!("User {} does not exist", username), Some(u) => { - if !verify_password(password, &u.password) { + if !verify_password(password, &u.password)? { bail!("Wrong password"); } let bucket = u @@ -71,10 +71,27 @@ impl LoginProvider for StaticLoginProvider { } } -pub fn hash_password(password: &str) -> String { - unimplemented!() +pub fn hash_password(password: &str) -> Result<String> { + use argon2::{ + password_hash::{rand_core::OsRng, PasswordHasher, SaltString}, + Argon2, + }; + let salt = SaltString::generate(&mut OsRng); + let argon2 = Argon2::default(); + Ok(argon2 + .hash_password(password.as_bytes(), &salt) + .map_err(|e| anyhow!("Argon2 error: {}", e))? + .to_string()) } -pub fn verify_password(password: &str, hash: &str) -> bool { - unimplemented!() +pub fn verify_password(password: &str, hash: &str) -> Result<bool> { + use argon2::{ + password_hash::{rand_core::OsRng, PasswordHash, PasswordVerifier}, + Argon2, + }; + let parsed_hash = + PasswordHash::new(&hash).map_err(|e| anyhow!("Invalid hashed password: {}", e))?; + Ok(Argon2::default() + .verify_password(password.as_bytes(), &parsed_hash) + .is_ok()) } |