pwhash

v0.0.0-...-09cf1e6 Latest
Warning

This package is not in the latest version of its module.

Published: Mar 14, 2019 License: Unlicense Imports: 9 Imported by: 0

README

Opinionated password hashing library


This library implements password hashing functions for Go web applications. It is intentionally not configurable to avoid security mistakes.

Using it is very simple. There are only two functions, Hash and Verify:

// When storing a password in the database:
password := "correct horse battery staple"
hash := pwhash.Hash(password)

// When checking a password for validity:
if !pwhash.Verify(password, hash) {
	// Oh no, the user entered the wrong password!
	showLoginPage()
	return
}
// User is logged in. Set up a session etc.

In the current configuration, it hashes passwords using argon2id with 64MB of memory, a time parameter of 1, and 4 threads. Passwords hashed this way should take under 50ms to verify on most systems.

Some other password formats are supported for backwards compatibility. This includes the PBKDF2-SHA256 hash in the Python hashlib and the Django format. More formats can be added if the need arises. Remember that this is only for legacy purposes: newly stored passwords will be in the argon2 format and thus better protected against cracking.

License

This library has been put into the public domain. For details, see LICENSE.txt or unlicense.org.

Documentation

Overview

Package pwhash is a simple to use password hashing library. The defaults are set to be good for most purposes and it is backwards compatible with older password hashing schemes.

Functions

func Hash

func Hash(password string) string

Hash returns a hashed version of the given password. Use this when the user enters a new password and store it as an opaque string in a database.

You don't need to salt or do this operation multiple times; this is all handled for you.

Example
hash := Hash("correct horse battery staple")
fmt.Println("hash:", hash)

fmt.Println("verify:", Verify("correct horse battery staple", hash))
fmt.Println("verify:", Verify("Tr0ub4dor&3", hash))
Output:

func Verify

func Verify(password, hash string) bool

Verify checks whether a given password matches the hash. Use it, for example, this way:

hash := loadUser(username).hash
if !pwhash.Verify(password, hash) {
    // login unsuccessful
    return ...
}
// continue with logged in user

This function accepts multiple hash formats for backwards compatibility.
