mirror of
https://github.com/volatiletech/authboss.git
synced 2025-07-15 01:24:33 +02:00
Add VerifyPassword method
This commit is contained in:
Aaron L
@ -7,6 +7,8 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
|
||||
|
||||
### Added
|
||||
|
||||
- Add VerifyPassword method to hide the bcrypt implementation details when
|
||||
authboss consumer code wants to verify the password out of band.
|
||||
- ClientStateResponseWriter now supports the http.Hijacker interface if the
|
||||
underlying ResponseWriter does (thanks @tobias-kuendig)
|
||||
- DelAllSession is a new method called both by Expire and Logout (in addition
|
||||
|
||||
@ -82,6 +82,13 @@ func (a *Authboss) UpdatePassword(ctx context.Context, user AuthableUser, newPas
|
||||
return rmStorer.DelRememberTokens(ctx, user.GetPID())
|
||||
}
|
||||
|
||||
// VerifyPassword uses authboss mechanisms to check that a password is correct.
|
||||
// Returns nil on success otherwise there will be an error. Simply a helper
|
||||
// to do the bcrypt comparison.
|
||||
func VerifyPassword(user AuthableUser, password string) error {
|
||||
return bcrypt.CompareHashAndPassword([]byte(user.GetPassword()), []byte(password))
|
||||
}
|
||||
|
||||
// MWRequirements are user requirements for authboss.Middleware
|
||||
// in order to access the routes in protects. Requirements is a bit-set integer
|
||||
// to be able to easily combine requirements like so:
|
||||
|
||||
Reference in New Issue
Block a user