Set user password

2023-10-26 17:40:05 +02:00
parent dd671d561c
commit 50187f5a34
5 changed files with 67 additions and 5 deletions
--- a/app/lib/auth/passwords.go
+++ b/app/lib/auth/passwords.go
@ -0,0 +1,41 @@
+package auth
+
+import (
+	"regexp"
+
+	"golang.org/x/crypto/bcrypt"
+)
+
+// about bcrypt cost: https://docs.laminas.dev/laminas-crypt/password/#bcrypt
+// bcrypt cost benchmarks: https://github.com/nsmithuk/bcrypt-cost-go
+const BCRYPT_COST = 10
+const MIN_PASSWORD_LENGTH = 10
+
+func IsPasswordGoodEnough(password string) bool {
+	var re *regexp.Regexp
+	passwordBytes := []byte(password)
+
+	if len(password) < MIN_PASSWORD_LENGTH {
+		return false
+	}
+	re, _ = regexp.Compile("[a-z]")
+	if re.Find(passwordBytes) == nil {
+		return false
+	}
+	re, _ = regexp.Compile("[A-Z]")
+	if re.Find(passwordBytes) == nil {
+		return false
+	}
+	re, _ = regexp.Compile("[0-9]")
+	//lint:ignore S1008 allow early exit instead optimization
+	if re.Find(passwordBytes) == nil {
+		return false
+	}
+
+	return true
+}
+
+func HashPassword(password string, secretKey string) (string, error) {
+	bytes, err := bcrypt.GenerateFromPassword([]byte(password+secretKey), BCRYPT_COST)
+	return string(bytes), err
+}