Last active
July 21, 2024 19:28
-
-
Save mununki/f4860b8e9b2e3d913408434f1bfb2fd7 to your computer and use it in GitHub Desktop.
[Go] Implementation Django default password hashing PBKDF2_SHA256 with Go
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import ( | |
| "crypto/rand" | |
| "crypto/sha256" | |
| "crypto/subtle" | |
| "encoding/base64" | |
| "strconv" | |
| "strings" | |
| "time" | |
| "golang.org/x/crypto/pbkdf2" | |
| ) | |
| // HashPassword : hashing the password using PBKDF2_SHA256 | |
| func (user *User) HashPassword() error { | |
| randByte := make([]byte, 8) | |
| _, err := rand.Read(randByte) | |
| if err != nil { | |
| return err | |
| } | |
| base64RandByte := base64.StdEncoding.EncodeToString(randByte) | |
| salt := []byte(base64RandByte) | |
| iter := 100000 | |
| dk := pbkdf2.Key([]byte(user.Password), salt, iter, 32, sha256.New) | |
| hashedPW := "pbkdf2_sha256$100000$" + string(salt) + "$" + base64.StdEncoding.EncodeToString(dk) | |
| user.Password = hashedPW | |
| return nil | |
| } | |
| // ComparePassword : compare the password | |
| func (user *User) ComparePassword(password string) bool { | |
| splitted := strings.Split(user.Password, "$") | |
| salt := []byte(splitted[2]) | |
| // saved password iteration value should be converted to int | |
| iter, _ := strconv.Atoi(splitted[1]) | |
| dk := pbkdf2.Key([]byte(password), salt, iter, 32, sha256.New) | |
| hashedPW := "pbkdf2_sha256$100000$" + splitted[2] + "$" + base64.StdEncoding.EncodeToString(dk) | |
| if subtle.ConstantTimeCompare([]byte(user.Password), []byte(hashedPW)) == 0 { | |
| return false | |
| } | |
| return true | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment