summaryrefslogtreecommitdiff
path: root/src/auth/mod.rs
diff options
context:
space:
mode:
Diffstat (limited to 'src/auth/mod.rs')
-rw-r--r--src/auth/mod.rs24
1 files changed, 15 insertions, 9 deletions
diff --git a/src/auth/mod.rs b/src/auth/mod.rs
index f3db525..728c246 100644
--- a/src/auth/mod.rs
+++ b/src/auth/mod.rs
@@ -2,22 +2,28 @@ extern crate base64;
use crypto::bcrypt_pbkdf::bcrypt_pbkdf;
-// TODO: Replace salt with a random string.
+#[derive(Debug, PartialEq, Eq)]
+pub struct HashedPassword {
+ salt: String,
+ enc: String,
+}
+
// TODO: Configurable number of iterations.
-pub fn encode(pw: &str) -> String {
- let salt = "hello";
+pub fn encode(salt: &str, pw: &str) -> HashedPassword {
let mut enc = vec!(0; 32);
let encrypted = bcrypt_pbkdf(pw.as_bytes(), salt.as_bytes(),
10, &mut enc);
- format!("${}${}${}", "sdv1",
- base64::encode(salt.as_bytes()), base64::encode(&enc))
+ HashedPassword {
+ salt: salt.to_string(),
+ enc: base64::encode(&enc)
+ }
}
-pub fn validate(pw: &str, enc: &str) -> bool {
+pub fn validate(pw: &str, enc: &HashedPassword) -> bool {
// let cs = enc.split('$');
// println("{:?}", cs.len());
// let enc_pw = cs[3];
- encode(pw) == enc
+ encode(enc.salt.as_str(), pw) == *enc
}
#[cfg(test)]
@@ -25,7 +31,7 @@ mod tests {
use super::*;
#[test]
fn it_validates() {
- assert_eq!(false, validate("123", "123"));
- assert_eq!(true, validate("123", &encode("123")));
+ assert_eq!(false, validate("hello", "123", "123"));
+ assert_eq!(true, validate("hello", "123", &encode("hello", "123")));
}
}