Forked from mununki/user_password_django_pbkdf2_sha256.go
Created
March 13, 2020 21:45
-
-
Save peschu123/0d661bf20a461861d09c8275339c3291 to your computer and use it in GitHub Desktop.
[Go] Implementation Django default password hashing PBKDF2_SHA256 with Go
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import ( | |
| "crypto/rand" | |
| "crypto/sha256" | |
| "crypto/subtle" | |
| "encoding/base64" | |
| "strconv" | |
| "strings" | |
| "time" | |
| "golang.org/x/crypto/pbkdf2" | |
| ) | |
| // HashPassword : hashing the password using PBKDF2_SHA256 | |
| func (user *User) HashPassword() error { | |
| randByte := make([]byte, 8) | |
| _, err := rand.Read(randByte) | |
| if err != nil { | |
| return err | |
| } | |
| base64RandByte := base64.StdEncoding.EncodeToString(randByte) | |
| salt := []byte(base64RandByte) | |
| iter := 100000 | |
| dk := pbkdf2.Key([]byte(user.Password), salt, iter, 32, sha256.New) | |
| hashedPW := "pbkdf2_sha256$100000$" + string(salt) + "$" + base64.StdEncoding.EncodeToString(dk) | |
| user.Password = hashedPW | |
| return nil | |
| } | |
| // ComparePassword : compare the password | |
| func (user *User) ComparePassword(password string) bool { | |
| splitted := strings.Split(user.Password, "$") | |
| salt := []byte(splitted[2]) | |
| // saved password iteration value should be converted to int | |
| iter, _ := strconv.Atoi(splitted[1]) | |
| dk := pbkdf2.Key([]byte(password), salt, iter, 32, sha256.New) | |
| hashedPW := "pbkdf2_sha256$100000$" + splitted[2] + "$" + base64.StdEncoding.EncodeToString(dk) | |
| if subtle.ConstantTimeCompare([]byte(user.Password), []byte(hashedPW)) == 0 { | |
| return false | |
| } | |
| return true | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment