extern crate base64;

use crypto::bcrypt_pbkdf::bcrypt_pbkdf;

#[derive(Debug, PartialEq, Eq)]
pub struct HashedPassword {
    pub salt: String,
    pub enc: String,
}

// TODO: Configurable number of iterations.
pub fn encode(salt: &str, pw: &str) -> HashedPassword {
    let mut enc = vec!(0; 32);
    let encrypted = bcrypt_pbkdf(pw.as_bytes(), salt.as_bytes(), 10, &mut enc);
    HashedPassword {
        salt: salt.to_string(),
        enc: base64::encode(&enc),
    }
}

pub fn validate(pw: &str, enc: &HashedPassword) -> bool {
    encode(enc.salt.as_str(), pw) == *enc
}

#[cfg(test)]
mod tests {
    use super::*;
    #[test]
    fn it_validates() {
        assert_eq!(false,
                   validate("hello",
                            &HashedPassword {
                                salt: String::from("123"),
                                enc: String::from("123"),
                            }));
        assert_eq!(true, validate("123", &encode("hello", "123")));
    }
}