alexandrevicenzi / unchained

Secure password hashers for Go compatible with Django

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

Unchained

Build Status GoDoc Go Report Card

Secure password hashers for Go compatible with Django Password Hashers.

Unchained can also be used to perform password validation against legacy or shared Django databases.

Install

Requires Go 1.9 or higher.

go get github.com/alexandrevicenzi/unchained

Supported Hashers

Hasher Encode Decode Dependencies
Argon2 golang.org/x/crypto/argon2
BCrypt golang.org/x/crypto/bcrypt
BCrypt SHA256 golang.org/x/crypto/bcrypt
Crypt
MD5
PBKDF2 SHA1 golang.org/x/crypto/pbkdf2
PBKDF2 SHA256 golang.org/x/crypto/pbkdf2
SHA1
Unsalted MD5
Unsalted SHA1

Notes

Crypt support is not planned because it's UNIX only.

BCrypt hasher does not allow to set custom salt as in Django. If you encode the same password multiple times you will get different hashes. This limitation comes from golang.org/x/crypto/bcrypt library.

Examples

Encode password

package main

import "github.com/alexandrevicenzi/unchained"

func main() {
    hash, err := unchained.MakePassword("my-password", unchained.GetRandomString(12), "default")

    if err == nil {
        fmt.Println(hash)
    } else {
        fmt.Printf("Error encoding password: %s\n", err)
    }
}

Validate password

package main

import "github.com/alexandrevicenzi/unchained"

func main() {
    valid, err := unchained.CheckPassword("admin", "pbkdf2_sha256$24000$JMO9TJawIXB1$5iz40fwwc+QW6lZY+TuNciua3YVMV3GXdgkhXrcvWag=")

    if valid {
        fmt.Println("Password is valid.")
    } else {
        if err == nil {
            fmt.Println("Password is invalid.")
        } else {
            fmt.Printf("Error decoding password: %s\n", err)
        }
    }
}

License

BSD

Reference

Related Links

About

Secure password hashers for Go compatible with Django

License:BSD 3-Clause "New" or "Revised" License


Languages

Language:Go 99.6%Language:Dockerfile 0.4%