package main import ( "database/sql" "fmt" _ "github.com/mattn/go-sqlite3" "golang.org/x/crypto/bcrypt" ) const ( bcryptCost = 12 ) func Register(tx *sql.Tx, username, password string) error { hash, err := bcrypt.GenerateFromPassword([]byte(password), bcryptCost) if err != nil { return err } _, err = tx.Exec( `INSERT INTO users (username, password_bcrypt) VALUES(?, ?);`, username, hash, ) return err } func Authenticate(tx *sql.Tx, username, password string) error { var hash []byte row := tx.QueryRow( `SELECT password_bcrypt from users WHERE username=?;`, username, ) err := row.Scan(&hash) if err != nil { return fmt.Errorf("Failed to get password hash from database: %w", err) } return bcrypt.CompareHashAndPassword(hash, []byte(password)) }