51 lines
1.3 KiB
Go
51 lines
1.3 KiB
Go
package usecase
|
|
|
|
import (
|
|
"errors"
|
|
"golang.org/x/crypto/bcrypt"
|
|
)
|
|
|
|
// ErrInvalidPassword is returned when password validation fails
|
|
var ErrInvalidPassword = errors.New("invalid password")
|
|
|
|
// HashPassword generates a bcrypt hash from the given password with the specified cost.
|
|
// The cost parameter should be between 4 and 31, with higher values being more secure but slower.
|
|
func HashPassword(password string, cost int) (string, error) {
|
|
if password == "" {
|
|
return "", ErrInvalidPassword
|
|
}
|
|
|
|
if cost < bcrypt.MinCost || cost > bcrypt.MaxCost {
|
|
cost = bcrypt.DefaultCost
|
|
}
|
|
|
|
bytes, err := bcrypt.GenerateFromPassword([]byte(password), cost)
|
|
return string(bytes), err
|
|
}
|
|
|
|
// CheckPasswordHash compares a password with its bcrypt hash.
|
|
// Returns true if the password matches the hash, false otherwise.
|
|
func CheckPasswordHash(password, hash string) bool {
|
|
if password == "" || hash == "" {
|
|
return false
|
|
}
|
|
|
|
err := bcrypt.CompareHashAndPassword([]byte(hash), []byte(password))
|
|
return err == nil
|
|
}
|
|
|
|
// GetHashingCost extracts the cost parameter from a bcrypt hash.
|
|
// Returns the cost used to generate the hash, or 0 if the hash is invalid.
|
|
func GetHashingCost(hashedPassword []byte) int {
|
|
if len(hashedPassword) == 0 {
|
|
return 0
|
|
}
|
|
|
|
cost, err := bcrypt.Cost(hashedPassword)
|
|
if err != nil {
|
|
return 0
|
|
}
|
|
|
|
return cost
|
|
}
|