package auth import ( "golang.org/x/crypto/argon2" "crypto/rand" "sanine.net/git/phlox/config" ) func GenerateSalt() ([]byte, error) { salt := make([]byte, 10) _, err := rand.Read(salt) return salt, err } func HashPassword(password string, salt []byte) []byte { return argon2.IDKey( []byte(password), salt, 1, 64*1024, 4, 32, ) } func AuthenticateUser(user config.User, password string) bool { hash := HashPassword(password, user.Salt) for i, v := range user.PasswordHash { if v != hash[i] { return false; } } return true }