1
1
mirror of https://github.com/openziti/zrok.git synced 2025-07-18 06:54:39 +02:00
Files
.github
agent
bin
build
canary
cmd
controller
config
emailUi
env
limits
metrics
store
zrokEdgeSdk
access.go
accountDetail.go
addOrganizationMember.go
bootstrap.go
changePassword.go
configuration.go
controller.go
createAccount.go
createFrontend.go
createIdentity.go
createOrganization.go
deleteFrontend.go
deleteOrganization.go
disable.go
enable.go
environmentDetail.go
frontendDetail.go
gc.go
grants.go
health.go
invite.go
inviteTokenGenerate.go
listFrontends.go
listMemberships.go
listOrgMembers.go
listOrganizationMembers.go
listOrganizations.go
login.go
maintenance.go
metrics.go
orgAccountOverview.go
overview.go
passwords.go
regenerateAccountToken.go
register.go
removeOrganizationMember.go
resetPassword.go
resetPasswordEmail.go
resetPasswordRequest.go
share.go
shareDetail.go
sharePrivate.go
sharePublic.go
sparkData.go
sparklines.go
startup.go
unaccess.go
unbootstrap.go
unshare.go
updateAccess.go
updateFrontend.go
updateShare.go
util.go
verify.go
verifyEmail.go
version.go
docker
docs
drives
endpoints
environment
etc
google
nfpm
rest_client_zrok
rest_model_zrok
rest_server_zrok
sdk
specs
tui
ui
util
website
.flake8
.gitattributes
.gitignore
.goreleaser-darwin.yml
.goreleaser-linux-amd64.yml
.goreleaser-linux-arm64.yml
.goreleaser-linux-armel.yml
.goreleaser-linux-armhf.yml
.goreleaser-release.yml
.goreleaser-windows.yml
.markdownlint.yaml
ACKNOWLEDGEMENTS.md
BUILD.md
CHANGELOG.md
CODE_OF_CONDUCT.md
CONTRIBUTING.md
LICENSE
README.md
RELEASING.md
SECURITY.md
go.mod
go.sum
openapitools.json
zrok/controller/passwords.go
2024-01-30 12:59:56 -05:00

44 lines
848 B
Go

package controller
import (
"crypto/rand"
"encoding/base64"
"encoding/binary"
"github.com/michaelquigley/pfxlog"
"golang.org/x/crypto/argon2"
)
type hashedPassword struct {
Password string
Salt string
}
func salt() string {
buf := make([]byte, binary.MaxVarintLen64)
_, err := rand.Read(buf)
if err != nil {
pfxlog.Logger().Panic(err)
}
return base64.StdEncoding.EncodeToString(buf)
}
func HashPassword(password string) (*hashedPassword, error) {
return rehashPassword(password, salt())
}
func rehashPassword(password string, salt string) (*hashedPassword, error) {
s, err := base64.StdEncoding.DecodeString(salt)
if err != nil {
return nil, err
}
hash := argon2.IDKey([]byte(password), s, 1, 3*1024, 4, 32)
return &hashedPassword{
Password: base64.StdEncoding.EncodeToString(hash),
Salt: salt,
}, nil
}