universal-hashing-sha256

server/crypto/common.go

@@ -1,7 +1,9 @@
 package crypto
 
 import (
+	"crypto/sha256"
 	"crypto/x509"
+	"encoding/hex"
 	"encoding/json"
 
 	"github.com/authorizerdev/authorizer/server/constants"
@@ -125,11 +127,33 @@ func EncryptEnvData(data map[string]interface{}) (string, error) {
 	return EncryptB64(string(encryptedConfig)), nil
 }
 
+// getSHA256 calculates the SHA-256 hash of a string
+func getSHA256(input string) string {
+	hash := sha256.New()
+	hash.Write([]byte(input))
+	return hex.EncodeToString(hash.Sum(nil))
+}
+
+// VerifyPassword compares a stored hashed password with a user-provided password
+func VerifyPassword(storedHashedPassword, userProvidedPassword string) error {
+	// CompareHashAndPassword returns nil on success
+	err := bcrypt.CompareHashAndPassword([]byte(storedHashedPassword), []byte(userProvidedPassword))
+	if err != nil {
+		passwordSHA256 := getSHA256(userProvidedPassword)
+		err = bcrypt.CompareHashAndPassword([]byte(storedHashedPassword), []byte(passwordSHA256))
+	}
+	return err
+}
+
 // EncryptPassword is used for encrypting password
 func EncryptPassword(password string) (string, error) {
 	pw, err := bcrypt.GenerateFromPassword([]byte(password), bcrypt.DefaultCost)
 	if err != nil {
-		return "", err
+		password = getSHA256(password)
+		pw, err = bcrypt.GenerateFromPassword([]byte(password), bcrypt.DefaultCost)
+		if err != nil {
+			return "", err
+		}
 	}
 
 	return string(pw), nil