From a1df83e8b5737a198a3fba4de23ca2c80828f623 Mon Sep 17 00:00:00 2001
From: Alexander Kavon <me+git@alexkavon.com>
Date: Mon, 22 Jan 2024 14:56:36 -0500
Subject: added validation for user fields on sqlboiler.BeforeInsertHook, added
 hashing of secret before insert

---
 src/user/secret.go | 17 ++++-------------
 1 file changed, 4 insertions(+), 13 deletions(-)

(limited to 'src/user/secret.go')

diff --git a/src/user/secret.go b/src/user/secret.go
index 55b8bc6..b6382fe 100644
--- a/src/user/secret.go
+++ b/src/user/secret.go
@@ -8,12 +8,7 @@ import (
 	"golang.org/x/crypto/argon2"
 )
 
-type Secret struct {
-	Raw  string
-	hash string
-}
-
-func (s Secret) HashSecret() error {
+func HashSecret(secret string) (string, error) {
 	hashconf := &struct {
 		memory      uint32
 		iterations  uint32
@@ -24,11 +19,11 @@ func (s Secret) HashSecret() error {
 	salt := make([]byte, hashconf.saltLength)
 	_, err := rand.Read(salt)
 	if err != nil {
-		return err
+		return "", err
 	}
 
 	hash := argon2.IDKey(
-		[]byte(s.Raw),
+		[]byte(secret),
 		salt,
 		hashconf.iterations,
 		hashconf.memory,
@@ -46,10 +41,6 @@ func (s Secret) HashSecret() error {
 		b64Salt,
 		b64Hash,
 	)
-	s.hash = encodedHash
-	return err
-}
 
-func (s *Secret) Hash() string {
-	return s.hash
+	return encodedHash, nil
 }
-- 
cgit v1.2.3