package main import ( "database/sql" "fmt" _ "github.com/mattn/go-sqlite3" "golang.org/x/crypto/bcrypt" ) const ( bcryptCost = 12 ) func Register(db *sql.DB, username, password string) error { hash, err := bcrypt.GenerateFromPassword([]byte(password), bcryptCost) if err != nil { return err } err = Transaction(db, func(tx *sql.Tx) error { _, err := tx.Exec( `INSERT INTO users (username, password_bcrypt) VALUES(?, ?);`, username, hash, ) return err }) return err } func Authenticate(db *sql.DB, username, password string) error { var hash []byte err := Transaction(db, func(tx *sql.Tx) error { row := tx.QueryRow( `SELECT password_bcrypt from users WHERE username=?;`, username, ) return row.Scan(&hash) }) if err != nil { return fmt.Errorf("Failed to get password hash from database: %w", err) } return bcrypt.CompareHashAndPassword(hash, []byte(password)) }