homebox/backend/pkgs/hasher/password.go

package hasher

import (
	"fmt"
	"os"

	"golang.org/x/crypto/bcrypt"
)

var enabled = true

func init() {
	disableHas := os.Getenv("UNSAFE_DISABLE_PASSWORD_PROJECTION") == "yes_i_am_sure"

	if disableHas {
		fmt.Println("WARNING: Password protection is disabled. This is unsafe in production.")
		enabled = false
	}
}

func HashPassword(password string) (string, error) {
	if !enabled {
		return password, nil
	}

	bytes, err := bcrypt.GenerateFromPassword([]byte(password), 14)
	return string(bytes), err
}

func CheckPasswordHash(password, hash string) bool {
	if !enabled {
		return password == hash
	}

	err := bcrypt.CompareHashAndPassword([]byte(hash), []byte(password))
	return err == nil
}
Initial commit 2022-08-30 02:30:36 +00:00			`package hasher`

refactor: cleanup-api-functions (#94) * cleanup items endpoints * refactor group routes * refactor labels routes * remove old partial * refactor location routes * formatting * update names * cleanup func * speedup test runner with disable hasher * remove duplicate code 2022-10-17 02:50:44 +00:00			`import (`
			`"fmt"`
			`"os"`

			`"golang.org/x/crypto/bcrypt"`
			`)`

			`var enabled = true`

			`func init() {`
			`disableHas := os.Getenv("UNSAFE_DISABLE_PASSWORD_PROJECTION") == "yes_i_am_sure"`

			`if disableHas {`
feat: maintenance log (#170) * remove repo for document tokens * remove schema for doc tokens * fix id template and generate cmd * schema updates * code gen * bump dependencies * fix broken migrations + add maintenance entry type * spelling * remove debug logger * implement repository layer * routes * API client * wip: maintenance log * remove depreciated call 2022-12-10 05:57:57 +00:00			`fmt.Println("WARNING: Password protection is disabled. This is unsafe in production.")`
refactor: cleanup-api-functions (#94) * cleanup items endpoints * refactor group routes * refactor labels routes * remove old partial * refactor location routes * formatting * update names * cleanup func * speedup test runner with disable hasher * remove duplicate code 2022-10-17 02:50:44 +00:00			`enabled = false`
			`}`
			`}`
Initial commit 2022-08-30 02:30:36 +00:00
			`func HashPassword(password string) (string, error) {`
refactor: cleanup-api-functions (#94) * cleanup items endpoints * refactor group routes * refactor labels routes * remove old partial * refactor location routes * formatting * update names * cleanup func * speedup test runner with disable hasher * remove duplicate code 2022-10-17 02:50:44 +00:00			`if !enabled {`
			`return password, nil`
			`}`

Initial commit 2022-08-30 02:30:36 +00:00			`bytes, err := bcrypt.GenerateFromPassword([]byte(password), 14)`
			`return string(bytes), err`
			`}`

			`func CheckPasswordHash(password, hash string) bool {`
refactor: cleanup-api-functions (#94) * cleanup items endpoints * refactor group routes * refactor labels routes * remove old partial * refactor location routes * formatting * update names * cleanup func * speedup test runner with disable hasher * remove duplicate code 2022-10-17 02:50:44 +00:00			`if !enabled {`
			`return password == hash`
			`}`

Initial commit 2022-08-30 02:30:36 +00:00			`err := bcrypt.CompareHashAndPassword([]byte(hash), []byte(password))`
			`return err == nil`
			`}`