3pp-mirror/pushbits
1
0
Fork 0
mirror of https://github.com/pushbits/server.git synced 2025-08-06 10:08:55 +02:00
Code Issues Projects Releases Packages Wiki Activity

Add option to check for weak passwords

Browse source
This commit is contained in:
eikendev 2021-01-16 15:29:04 +01:00
parent ad56422838
commit b06bd51d21
No known key found for this signature in database
GPG key ID: A1BDB1B28C8EF694
12 changed files with 141 additions and 15 deletions
Download patch file Download diff file Expand all files Collapse all files

14
authentication/credentials/password.go
View file

@ -1,13 +1,23 @@
package credentials
import (
"errors"
"log"
"github.com/alexedwards/argon2id"
)
// CreatePasswordHash returns a hashed version of the given password.
func (m *Manager) CreatePasswordHash(password string) []byte {
func (m *Manager) CreatePasswordHash(password string) ([]byte, error) {
if m.checkHIBP {
pwned, err := IsPasswordPwned(password)
if err != nil {
return []byte{}, errors.New("HIBP is not available, please wait until service is available again")
} else if pwned {
return []byte{}, errors.New("Password is pwned, please choose another one")
}
}
hash, err := argon2id.CreateHash(password, m.argon2Params)
if err != nil {
@ -15,7 +25,7 @@ func (m *Manager) CreatePasswordHash(password string) []byte {
panic(err)
}
return []byte(hash)
return []byte(hash), nil
}
// ComparePassword compares a hashed password with its possible plaintext equivalent.