42 lines
1.5 KiB
C++
42 lines
1.5 KiB
C++
#include "headers/encrypt.h"
|
|
|
|
string hash_password(string password) {
|
|
/*
|
|
Passing strings and converting to char* because I do not want to be forced
|
|
to use char * whenever I want to call the function. Low level stuff in the
|
|
function, the least possible low level stuff outside.
|
|
This uses the password hashing algorithm Argon2 implemented by libsodium.
|
|
DO NOT MODIFY memory_limit and cpu_limit after you add customers to the db.
|
|
When you do that, the hashed passwords can't be decrypted, and that would be
|
|
BAD
|
|
*/
|
|
const char* password_ = password.c_str();
|
|
char hashed_password_[crypto_pwhash_STRBYTES];
|
|
int memory_limit = 3.2e+7; // 3.2e7 = 32e6 = 32 mb
|
|
int cpu_limit = 1; // this is n_threads
|
|
|
|
int result = crypto_pwhash_str(hashed_password_,
|
|
password_,
|
|
strlen(password_),
|
|
cpu_limit,
|
|
memory_limit);
|
|
string hashed_password{hashed_password_};
|
|
|
|
return hashed_password;
|
|
}
|
|
|
|
bool verify_password(string hashed_password, string unhashed_password) {
|
|
/*
|
|
this verifies the password. It's encryption magic and don't question it.
|
|
*/
|
|
const char* password_ = unhashed_password.c_str();
|
|
const char* hashed_password_ = hashed_password.c_str();
|
|
|
|
if (crypto_pwhash_str_verify(
|
|
hashed_password_, password_, strlen(password_)) != 0) {
|
|
return false;
|
|
} else {
|
|
return true;
|
|
}
|
|
}
|