Password Hashing (bcrypt)

这个例子将展示如何使用bcrypt 来hash 密码. 为了使用它,我们需要 go get bcrypt 这个库:

$ go get golang.org/x/crypto/bcrypt

接下来,我们所有的应用都将使用这个库..

  1. // passwords.go
  2. package main
  4. import (
  5.     "fmt"
  7.     "golang.org/x/crypto/bcrypt"
  8. )
  10. func HashPassword(password string) (string, error) {
  11.     bytes, err := bcrypt.GenerateFromPassword([]byte(password), 14)
  12.     return string(bytes), err
  13. }
  15. func CheckPasswordHash(password, hash string) bool {
  16.     err := bcrypt.CompareHashAndPassword([]byte(hash), []byte(password))
  17.     return err == nil
  18. }
  20. func main() {
  21.     password := "secret"
  22.     hash, _ := HashPassword(password) // ignore error for the sake of simplicity
  24.     fmt.Println("Password:", password)
  25.     fmt.Println("Hash:    ", hash)
  27.     match := CheckPasswordHash(password, hash)
  28.     fmt.Println("Match:   ", match)
  29. }
  1. $ go run passwords.go
  2. Password: secret
  3. Hash:     $2a$14$ajq8Q7fbtFRQvXpdCq7Jcuy.Rx1h/L4J60Otx.gyNLbAYctGMJ9tK
  4. Match:    true