homebox/backend/pkgs/hasher/password.go
Hayden e8449b3a73
fix: inaccruate 401 & sql busy error (#679)
* fix inaccruate 401 error on SQL db error

* init golangci-lint config

* linter autofix

* testify auto fixes

* fix sqlite busy errors

* fix naming

* more linter errors

* fix rest of linter issues
2024-01-04 08:55:26 -09:00

37 lines
724 B
Go

package hasher
import (
"fmt"
"os"
"golang.org/x/crypto/bcrypt"
)
var enabled = true
func init() { // nolint: gochecknoinits
disableHas := os.Getenv("UNSAFE_DISABLE_PASSWORD_PROJECTION") == "yes_i_am_sure"
if disableHas {
fmt.Println("WARNING: Password protection is disabled. This is unsafe in production.")
enabled = false
}
}
func HashPassword(password string) (string, error) {
if !enabled {
return password, nil
}
bytes, err := bcrypt.GenerateFromPassword([]byte(password), 14)
return string(bytes), err
}
func CheckPasswordHash(password, hash string) bool {
if !enabled {
return password == hash
}
err := bcrypt.CompareHashAndPassword([]byte(hash), []byte(password))
return err == nil
}