From addaf087abfaa9fd41f75ce0c2181a2df48a972a Mon Sep 17 00:00:00 2001 From: Alex Auvolat Date: Fri, 20 May 2022 11:45:13 +0200 Subject: implement hash_password and verify_password --- src/login/static_provider.rs | 27 ++++++++++++++++++++++----- 1 file changed, 22 insertions(+), 5 deletions(-) (limited to 'src/login') diff --git a/src/login/static_provider.rs b/src/login/static_provider.rs index cc0c8cb..74a6c14 100644 --- a/src/login/static_provider.rs +++ b/src/login/static_provider.rs @@ -32,7 +32,7 @@ impl LoginProvider for StaticLoginProvider { match self.users.get(username) { None => bail!("User {} does not exist", username), Some(u) => { - if !verify_password(password, &u.password) { + if !verify_password(password, &u.password)? { bail!("Wrong password"); } let bucket = u @@ -71,10 +71,27 @@ impl LoginProvider for StaticLoginProvider { } } -pub fn hash_password(password: &str) -> String { - unimplemented!() +pub fn hash_password(password: &str) -> Result { + use argon2::{ + password_hash::{rand_core::OsRng, PasswordHasher, SaltString}, + Argon2, + }; + let salt = SaltString::generate(&mut OsRng); + let argon2 = Argon2::default(); + Ok(argon2 + .hash_password(password.as_bytes(), &salt) + .map_err(|e| anyhow!("Argon2 error: {}", e))? + .to_string()) } -pub fn verify_password(password: &str, hash: &str) -> bool { - unimplemented!() +pub fn verify_password(password: &str, hash: &str) -> Result { + use argon2::{ + password_hash::{rand_core::OsRng, PasswordHash, PasswordVerifier}, + Argon2, + }; + let parsed_hash = + PasswordHash::new(&hash).map_err(|e| anyhow!("Invalid hashed password: {}", e))?; + Ok(Argon2::default() + .verify_password(password.as_bytes(), &parsed_hash) + .is_ok()) } -- cgit v1.2.3