func NewUser(userId, email, pass string) (User, error) { salt := crypto.GenerateRandomKey(128) hpass, err := crypto.HashPassword(pass, salt) if err != nil { return User{}, err } return User{ Id: userId, Email: email, Password: string(hpass), Salt: string(salt), }, nil }
func (bs *BoltStore) Login(email, pass string) (string, error) { user, err := bs.UserByEmail(email) if err != nil { return "", ErrWrongPassword } passStored := user.Password salt := user.Salt hpass, err := crypto.HashPassword(pass, []byte(salt)) if err != nil { return "", err } passOk := crypto.SecureCompare(hpass, []byte(passStored)) if !passOk { return "", ErrWrongPassword } return user.Id, nil }