From a5c8467bbb14731847cdf8c37cbde0c91827022a Mon Sep 17 00:00:00 2001 From: xengineering Date: Sat, 20 Jun 2026 17:07:47 +0200 Subject: Add Authenticate() This function validates a username and password against the database. --- password.go | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) (limited to 'password.go') diff --git a/password.go b/password.go index 024ffd7..edbeb7a 100644 --- a/password.go +++ b/password.go @@ -2,6 +2,7 @@ package main import ( "database/sql" + "fmt" _ "github.com/mattn/go-sqlite3" "golang.org/x/crypto/bcrypt" @@ -28,3 +29,20 @@ func Register(db *sql.DB, username, password string) error { return err } + +func Authenticate(db *sql.DB, username, password string) error { + var hash []byte + err := Transaction(db, func(tx *sql.Tx) error { + row := tx.QueryRow( + `SELECT password_bcrypt from users WHERE username=?;`, + username, + ) + + return row.Scan(&hash) + }) + if err != nil { + return fmt.Errorf("Failed to get password hash from database: %w", err) + } + + return bcrypt.CompareHashAndPassword(hash, []byte(password)) +} -- cgit v1.3.1