Authenticated returns a Gin handler function that checks whether the request contains an authentication token of the correct kind.

CheckPasswordHash checks whether the passed password is the same as the one stored in the hash (collision probability is negligible).

HashPassword returns the bcrypt hash of the passed password.

ParseAuthorizationHeader returns a Gin handler function that checks that the "authorization" header, if present, contains a valid JWT token and stores the parsed JWT claims in Gin's request context: the whole token is stored in the "auth" field and the subject is stored in "authSubject".

SignToken generates a JWT string with a payload containing the specified kind and subject, the iat field is set to the current timestamp and the token is signed using the passed secret and the HS512 algorithm.