dataforge/fn_registry
1
0
Fork 0
Code Issues Pull Requests 3 Actions Packages Projects Releases Wiki Activity
Files
master
fn_registry/functions/infra/password_verify.go
T
egutierrez eff5771b03 feat: jwt_generate, jwt_validate, password_hash, password_verify 
Fase 2 del issue 0010 — auth core:
- jwt_generate/validate: HS256 manual con crypto/hmac + crypto/sha256
- password_hash/verify: wrappers de golang.org/x/crypto/bcrypt (cost 12 default)
- JWT rechaza alg != HS256 para mitigar ataque 'alg=none'
- hmac.Equal para comparacion constant-time de firmas
2026-04-18 17:39:00 +02:00

10 lines
302 B
Go
Raw Permalink Blame History

package infra
import "golang.org/x/crypto/bcrypt"
// PasswordVerify compara un password en texto plano contra un hash bcrypt.
// Retorna nil si hacen match, error si no.
func PasswordVerify(password string, hash string) error {
return bcrypt.CompareHashAndPassword([]byte(hash), []byte(password))
}
Reference in New Issue View Git Blame Copy Permalink