mirror of
https://github.com/openziti/zrok.git
synced 2025-07-18 06:54:39 +02:00
.github
agent
bin
build
canary
cmd
controller
config
emailUi
env
limits
metrics
store
zrokEdgeSdk
access.go
accountDetail.go
addOrganizationMember.go
bootstrap.go
changePassword.go
configuration.go
controller.go
createAccount.go
createFrontend.go
createIdentity.go
createOrganization.go
deleteFrontend.go
deleteOrganization.go
disable.go
enable.go
environmentDetail.go
frontendDetail.go
gc.go
grants.go
health.go
invite.go
inviteTokenGenerate.go
listFrontends.go
listMemberships.go
listOrgMembers.go
listOrganizationMembers.go
listOrganizations.go
login.go
maintenance.go
metrics.go
orgAccountOverview.go
overview.go
passwords.go
regenerateAccountToken.go
register.go
removeOrganizationMember.go
resetPassword.go
resetPasswordEmail.go
resetPasswordRequest.go
share.go
shareDetail.go
sharePrivate.go
sharePublic.go
sparkData.go
sparklines.go
startup.go
unaccess.go
unbootstrap.go
unshare.go
updateAccess.go
updateFrontend.go
updateShare.go
util.go
verify.go
verifyEmail.go
version.go
docker
docs
drives
endpoints
environment
etc
google
nfpm
rest_client_zrok
rest_model_zrok
rest_server_zrok
sdk
specs
tui
ui
util
website
.flake8
.gitattributes
.gitignore
.goreleaser-darwin.yml
.goreleaser-linux-amd64.yml
.goreleaser-linux-arm64.yml
.goreleaser-linux-armel.yml
.goreleaser-linux-armhf.yml
.goreleaser-release.yml
.goreleaser-windows.yml
.markdownlint.yaml
ACKNOWLEDGEMENTS.md
BUILD.md
CHANGELOG.md
CODE_OF_CONDUCT.md
CONTRIBUTING.md
LICENSE
README.md
RELEASING.md
SECURITY.md
go.mod
go.sum
openapitools.json
44 lines
848 B
Go
44 lines
848 B
Go
package controller
|
|
|
|
import (
|
|
"crypto/rand"
|
|
"encoding/base64"
|
|
"encoding/binary"
|
|
"github.com/michaelquigley/pfxlog"
|
|
"golang.org/x/crypto/argon2"
|
|
)
|
|
|
|
type hashedPassword struct {
|
|
Password string
|
|
Salt string
|
|
}
|
|
|
|
func salt() string {
|
|
buf := make([]byte, binary.MaxVarintLen64)
|
|
_, err := rand.Read(buf)
|
|
|
|
if err != nil {
|
|
pfxlog.Logger().Panic(err)
|
|
}
|
|
|
|
return base64.StdEncoding.EncodeToString(buf)
|
|
}
|
|
|
|
func HashPassword(password string) (*hashedPassword, error) {
|
|
return rehashPassword(password, salt())
|
|
}
|
|
|
|
func rehashPassword(password string, salt string) (*hashedPassword, error) {
|
|
s, err := base64.StdEncoding.DecodeString(salt)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
hash := argon2.IDKey([]byte(password), s, 1, 3*1024, 4, 32)
|
|
|
|
return &hashedPassword{
|
|
Password: base64.StdEncoding.EncodeToString(hash),
|
|
Salt: salt,
|
|
}, nil
|
|
}
|