aboutsummaryrefslogtreecommitdiff
path: root/src/login
diff options
context:
space:
mode:
Diffstat (limited to 'src/login')
-rw-r--r--src/login/static_provider.rs27
1 files changed, 22 insertions, 5 deletions
diff --git a/src/login/static_provider.rs b/src/login/static_provider.rs
index cc0c8cb..74a6c14 100644
--- a/src/login/static_provider.rs
+++ b/src/login/static_provider.rs
@@ -32,7 +32,7 @@ impl LoginProvider for StaticLoginProvider {
match self.users.get(username) {
None => bail!("User {} does not exist", username),
Some(u) => {
- if !verify_password(password, &u.password) {
+ if !verify_password(password, &u.password)? {
bail!("Wrong password");
}
let bucket = u
@@ -71,10 +71,27 @@ impl LoginProvider for StaticLoginProvider {
}
}
-pub fn hash_password(password: &str) -> String {
- unimplemented!()
+pub fn hash_password(password: &str) -> Result<String> {
+ use argon2::{
+ password_hash::{rand_core::OsRng, PasswordHasher, SaltString},
+ Argon2,
+ };
+ let salt = SaltString::generate(&mut OsRng);
+ let argon2 = Argon2::default();
+ Ok(argon2
+ .hash_password(password.as_bytes(), &salt)
+ .map_err(|e| anyhow!("Argon2 error: {}", e))?
+ .to_string())
}
-pub fn verify_password(password: &str, hash: &str) -> bool {
- unimplemented!()
+pub fn verify_password(password: &str, hash: &str) -> Result<bool> {
+ use argon2::{
+ password_hash::{rand_core::OsRng, PasswordHash, PasswordVerifier},
+ Argon2,
+ };
+ let parsed_hash =
+ PasswordHash::new(&hash).map_err(|e| anyhow!("Invalid hashed password: {}", e))?;
+ Ok(Argon2::default()
+ .verify_password(password.as_bytes(), &parsed_hash)
+ .is_ok())
}