forked from electricdusk/rushlink
comparePassword: eliminate unsafe slice
This commit is contained in:
parent
11975d7911
commit
f5e107e3a0
@ -89,13 +89,14 @@ func HashPassword(password string) (string, error) {
|
|||||||
return fmt.Sprintf("$%s$%s$%s$%s", pwdAlgo, pwdParams, encodedSalt, encodedHash), nil
|
return fmt.Sprintf("$%s$%s$%s$%s", pwdAlgo, pwdParams, encodedSalt, encodedHash), nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
var errInvalidDBPasswordFormat = errors.New("invalid password format in db")
|
||||||
func comparePassword(hashedPassword string, password string) (bool, error) {
|
func comparePassword(hashedPassword string, password string) (bool, error) {
|
||||||
// Extract the salt and hash from the hashed password string
|
// Extract the salt and hash from the hashed password string
|
||||||
fields := strings.Split(hashedPassword, "$")[1:]
|
fields := strings.Split(hashedPassword, "$")
|
||||||
if len(fields) != 4 || fields[0] != pwdAlgo || fields[1] != pwdParams {
|
if len(fields) != 5 || fields[1] != pwdAlgo || fields[2] != pwdParams {
|
||||||
return false, errors.New("invalid password format in db")
|
return false, errInvalidDBPasswordFormat
|
||||||
}
|
}
|
||||||
encodedSalt, encodedHash := fields[2], fields[3]
|
encodedSalt, encodedHash := fields[3], fields[4]
|
||||||
|
|
||||||
// Decode the salt and hash from base64
|
// Decode the salt and hash from base64
|
||||||
salt, err := base64.RawStdEncoding.DecodeString(encodedSalt)
|
salt, err := base64.RawStdEncoding.DecodeString(encodedSalt)
|
||||||
|
Loading…
Reference in New Issue
Block a user