b264d8990b
- User registration/login with bcrypt password hashing - SQLite database with goose migrations and sqlc-generated queries - Games and players persisted to database, resumable after restart - Guest play still supported alongside authenticated users - Auth UI components (login/register forms, auth header, guest banner)
36 lines
795 B
Go
36 lines
795 B
Go
package auth
|
|
|
|
import (
|
|
"errors"
|
|
"regexp"
|
|
|
|
"golang.org/x/crypto/bcrypt"
|
|
)
|
|
|
|
const bcryptCost = 12
|
|
|
|
var usernameRegex = regexp.MustCompile(`^[a-zA-Z0-9_]{3,20}$`)
|
|
|
|
func HashPassword(password string) (string, error) {
|
|
hash, err := bcrypt.GenerateFromPassword([]byte(password), bcryptCost)
|
|
return string(hash), err
|
|
}
|
|
|
|
func CheckPassword(password, hash string) bool {
|
|
return bcrypt.CompareHashAndPassword([]byte(hash), []byte(password)) == nil
|
|
}
|
|
|
|
func ValidateUsername(username string) error {
|
|
if !usernameRegex.MatchString(username) {
|
|
return errors.New("username must be 3-20 characters, alphanumeric and underscore only")
|
|
}
|
|
return nil
|
|
}
|
|
|
|
func ValidatePassword(password string) error {
|
|
if len(password) < 8 {
|
|
return errors.New("password must be at least 8 characters")
|
|
}
|
|
return nil
|
|
}
|