dataforge/fn_registry
1
0
Fork 0
Code Issues Pull Requests 3 Actions Packages Projects Releases Wiki Activity

feat: jwt_generate, jwt_validate, password_hash, password_verify

Browse Source 
Fase 2 del issue 0010 — auth core:
- jwt_generate/validate: HS256 manual con crypto/hmac + crypto/sha256
- password_hash/verify: wrappers de golang.org/x/crypto/bcrypt (cost 12 default)
- JWT rechaza alg != HS256 para mitigar ataque 'alg=none'
- hmac.Equal para comparacion constant-time de firmas
This commit is contained in:
Egutierrez
2026-04-18 17:39:00 +02:00
parent 4bc6d1bced
commit 07341aa89f
14 changed files with 517 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
functions/infra/password_verify_test.go
+23
View File
@@ -0,0 +1,23 @@
package infra
import "testing"
func TestPasswordVerify_CorrectPassword(t *testing.T) {
hash, _ := PasswordHash("correct-horse-battery-staple", 4)
if err := PasswordVerify("correct-horse-battery-staple", hash); err != nil {
t.Fatalf("esperaba nil, got %v", err)
}
}
func TestPasswordVerify_WrongPassword(t *testing.T) {
hash, _ := PasswordHash("secret", 4)
if err := PasswordVerify("wrong", hash); err == nil {
t.Fatal("esperaba error con password incorrecto")
}
}
func TestPasswordVerify_InvalidHash(t *testing.T) {
if err := PasswordVerify("x", "not-a-bcrypt-hash"); err == nil {
t.Fatal("esperaba error con hash invalido")
}
}