Add user authentication and game persistence with SQLite

- User registration/login with bcrypt password hashing - SQLite database with goose migrations and sqlc-generated queries - Games and players persisted to database, resumable after restart - Guest play still supported alongside authenticated users - Auth UI components (login/register forms, auth header, guest banner)
2026-01-14 16:59:40 -10:00
parent 03dcfdbf85
commit b264d8990b
18 changed files with 1121 additions and 5 deletions
--- a/auth/auth.go
+++ b/auth/auth.go
@@ -0,0 +1,35 @@
+package auth
+
+import (
+	"errors"
+	"regexp"
+
+	"golang.org/x/crypto/bcrypt"
+)
+
+const bcryptCost = 12
+
+var usernameRegex = regexp.MustCompile(`^[a-zA-Z0-9_]{3,20}$`)
+
+func HashPassword(password string) (string, error) {
+	hash, err := bcrypt.GenerateFromPassword([]byte(password), bcryptCost)
+	return string(hash), err
+}
+
+func CheckPassword(password, hash string) bool {
+	return bcrypt.CompareHashAndPassword([]byte(hash), []byte(password)) == nil
+}
+
+func ValidateUsername(username string) error {
+	if !usernameRegex.MatchString(username) {
+		return errors.New("username must be 3-20 characters, alphanumeric and underscore only")
+	}
+	return nil
+}
+
+func ValidatePassword(password string) error {
+	if len(password) < 8 {
+		return errors.New("password must be at least 8 characters")
+	}
+	return nil
+}