package auth

import (
	"golang.org/x/crypto/argon2"
	"crypto/rand"
	"sanine.net/git/phlox/config"
)


func GenerateSalt() ([]byte, error) {
	salt := make([]byte, 10)
	_, err := rand.Read(salt)
	return salt, err
}


func HashPassword(password string, salt []byte) []byte {
	return argon2.IDKey(
		[]byte(password), salt,
		1, 64*1024, 4, 32,
	)
}


func AuthenticateUser(user config.User, password string) bool {
	hash := HashPassword(password, user.Salt)
	for i, v := range user.PasswordHash {
		if v != hash[i] {
			return false;
		}
	}
	return true
}