From 30d40fea83f4d9e06e14f260c23a31020bd39509 Mon Sep 17 00:00:00 2001
From: Kjetil Orbekk <kjetil.orbekk@gmail.com>
Date: Sat, 17 Jun 2017 14:47:35 -0400
Subject: app: Introduce subcommands for serve and create user.

(Doesn't yet create users)
---
 src/auth/mod.rs | 24 +++++++++++++++---------
 1 file changed, 15 insertions(+), 9 deletions(-)

(limited to 'src/auth/mod.rs')

diff --git a/src/auth/mod.rs b/src/auth/mod.rs
index f3db525..728c246 100644
--- a/src/auth/mod.rs
+++ b/src/auth/mod.rs
@@ -2,22 +2,28 @@ extern crate base64;
 
 use crypto::bcrypt_pbkdf::bcrypt_pbkdf;
 
-// TODO: Replace salt with a random string.
+#[derive(Debug, PartialEq, Eq)]
+pub struct HashedPassword {
+    salt: String,
+    enc: String,
+}
+
 // TODO: Configurable number of iterations.
-pub fn encode(pw: &str) -> String {
-    let salt = "hello";
+pub fn encode(salt: &str, pw: &str) -> HashedPassword {
     let mut enc = vec!(0; 32);
     let encrypted = bcrypt_pbkdf(pw.as_bytes(), salt.as_bytes(),
                                  10, &mut enc);
-    format!("${}${}${}", "sdv1",
-            base64::encode(salt.as_bytes()), base64::encode(&enc))
+    HashedPassword {
+        salt: salt.to_string(),
+        enc: base64::encode(&enc)
+    }
 }
 
-pub fn validate(pw: &str, enc: &str) -> bool {
+pub fn validate(pw: &str, enc: &HashedPassword) -> bool {
     // let cs = enc.split('$');
     // println("{:?}", cs.len());
     // let enc_pw = cs[3];
-    encode(pw) == enc
+    encode(enc.salt.as_str(), pw) == *enc
 }
 
 #[cfg(test)]
@@ -25,7 +31,7 @@ mod tests {
     use super::*;
     #[test]
     fn it_validates() {
-        assert_eq!(false, validate("123", "123"));
-        assert_eq!(true, validate("123", &encode("123")));
+        assert_eq!(false, validate("hello", "123", "123"));
+        assert_eq!(true, validate("hello", "123", &encode("hello", "123")));
     }
 }
-- 
cgit v1.2.3