Categorygithub.com/usvc/go-password

modulepackage

1.0.7

Repository: https://github.com/usvc/go-password.git

Documentation: pkg.go.dev

# README

Password

A Go package to manage password hashing, verification, and validation.


Github	https://github.com/usvc/go-password
Gitlab	https://gitlab.com/usvc/modules/go/password

Password

Usage

Importing

import "github.com/usvc/go-password"

Hashing Passwords

plaintext := "abcd1234!@#$"
hash, salt, err := password.Hash(plaintext, 32)
// ...
// store the hash and salt
// ...

Verifying Passwords

storedHash := "<hash>"
storedSalt := "<salt>"
plaintext := "abcd1234!@#$"
err := password.Verify(plaintext, storedHash, storedSalt)
if err != nil {
  // handle failed verification
} else {
  // handle successful verification
}

Validating Passwords

defaultPolicy := password.GetDefaultPolicy()
plaintext := "abcd1234!@#$"
if err := password.Validate(plaintext, defaultPolicy); err != nil {
  // handle failed validation
} else {
  // handle successful validation
}

Customizing Password Policies

customPolicy := password.Policy{
  MaximumLength: 32,
  MinimumLength: 12,
  MinimumLowercaseCount: 1,
  MinimumUppercaseCount: 1,
  MinimumNumericCount: 1,
  MinimumSpecialCount: 1,
  CustomSpecial: []byte("`!@"),
}
plaintext := "abcd1234!@#$"
if err := password.Validate(plaintext, defaultPolicy); err != nil {
  // handle failed validation
} else {
  // handle successful validation
}

Development Runbook

Getting Started

Clone this repository
Run make deps to pull in external dependencies
Write some awesome stuff
Run make test to ensure unit tests are passing
Push

Continuous Integration (CI) Pipeline

On Github

Github is used to deploy binaries/libraries because of it's ease of access by other developers.

Releasing

Releasing of the binaries can be done via Travis CI.

On Github, navigate to the tokens settings page (by clicking on your profile picture, selecting Settings, selecting Developer settings on the left navigation menu, then Personal Access Tokens again on the left navigation menu)
Click on Generate new token, give the token an appropriate name and check the checkbox on public_repo within the repo header
Copy the generated token
Navigate to travis-ci.org and access the cooresponding repository there. Click on the More options button on the top right of the repository page and select Settings
Scroll down to the section on Environment Variables and enter in a new NAME with RELEASE_TOKEN and the VALUE field cooresponding to the generated personal access token, and hit Add

On Gitlab

Version Bumping

To set up the CI pipeline in Gitlab:

Run make .ssh
Copy the contents of the file generated at ./.ssh/id_rsa.base64 into an environment variable named DEPLOY_KEY in Settings > CI/CD > Variables
Navigate to the Deploy Keys section of the Settings > Repository > Deploy Keys and paste in the contents of the file generated at ./.ssh/id_rsa.pub with the Write access allowed checkbox enabled

DEPLOY_KEY: generate this by running make .ssh and copying the contents of the file generated at ./.ssh/id_rsa.base64

Licensing

Code in this package is licensed under the MIT license (click to view text).

# Packages

cmd

No description provided by the author

# Functions

GetDefaultPolicy

GetDefaultPolicy returns a Policy with its values set to the default.

GetStringMetadata

GetStringMetadata returns a populated StringMetadata structure that provides meta-data about the provided plaintext string for further processing by validators.

Hash

Hash hashes and salts the given plaintext string and returns the result as a base64-encoded hash and salt.

Validate

Validate validates a provided plaintext password using the default PasswordPolicy or a custom policy if it's provided.

Verify

Verify verifies a provided plaintext string matches the provided base64-encoded hash and salt.

# Constants

DefaultPasswordCustomSpecial

DefaultPasswordCustomSpecial defines the default character set that is used to define special characters.

DefaultPasswordMaximumLength

DefaultPasswordMaximumLength defines the default for the length of the password.

DefaultPasswordMinimumLength

DefaultPasswordMinimumLength defines the default for the minimum length of the password.

DefaultPasswordMinimumLowercaseCount

DefaultPasswordMinimumLowercaseCount defines the default for the number of lower-cased characters required.

DefaultPasswordMinimumNumericCount

DefaultPasswordMinimumNumericCount defines the default number of numeric characters in the password.

DefaultPasswordMinimumSpecialCount

DefaultPasswordMinimumSpecialCount defines the default number of special characters in the password.

DefaultPasswordMinimumUppercaseCount

DefaultPasswordMinimumUppercaseCount defines the default for the number of upper-cased characters required.

LowercaseCharacters

LowercaseCharacters defines lowercase characters.

NumericCharacters

NumericCharacters defines numerical characters.

SpecialCharacters

SpecialCharacters defines special characters.

StringTypeLowercase

StringTypeLowercase defines a lowercase character type.

StringTypeNumeric

StringTypeNumeric defines a numeric character type.

StringTypeSpecial

StringTypeSpecial defines a special character type.

StringTypeUnknown

StringTypeUnknown defines an unknown character type.

StringTypeUppercase

StringTypeUppercase defines a uppercase character type.

UppercaseCharacters

UppercaseCharacters defines uppercase characters.

VariableArgon2RequiredMemory

VariableArgon2RequiredMemory defines the recommended memory in bytes to use to generate an Argon2id hashed password.

VariableMemoryTolerance

VariableMemoryTolerance defines the maximum amount of the available heap to use for hashing passwords.

# Structs

Policy

Policy defines possible configurations for password requirements.

StringMetadata

StringMetadata provides metadata about a string, use GetStringMetadata to generate the metadata.