Golang实现 laravel 框架密码验证的方法

需求

laravel 框架中密码验证非常简单 hash::check()hash::make() hash::needRefresh()即可。
而laravel中的这些代码其实是封装了PHP自带的三个函数

  • password_verify
  • password_hash
  • password_needs_rehash

使用Golang实现

package password

import "golang.org/x/crypto/bcrypt"

func HashMake(plainPwd string) (hashedPwd string, err error) {
	var hashed []byte
	hashed, err = bcrypt.GenerateFromPassword([]byte(plainPwd), bcrypt.DefaultCost)
	if err != nil {
		return
	}
	hashedPwd = string(hashed)
	return
}

func HashIsSame(plainPwd, hashedPwd string) (yes bool, err error) {
	err = bcrypt.CompareHashAndPassword([]byte(hashedPwd), []byte(plainPwd))
	if err != nil {
		return
	}
	yes = true
	return
}

func HashNeedRefresh(hashedPwd string) bool {
	hashCost, err := bcrypt.Cost([]byte(hashedPwd))
	return err != nil || hashCost != bcrypt.DefaultCost
}

PHP的验证参数

var_dump(password_needs_rehash($hashedPwd, PASSWORD_BCRYPT, [
    'cost' => 10
]));

生成的密码格式示例:

$2a$10$nnBguPdoIu7LSDbnkFWjAu5A3OCbeEuJMkMy94MuOKOjI9xrPqHaK
上一篇:VSftpd安装和配置FTP虚拟用户实践


下一篇:FTP服务