Authentication checker converted to store passwords as bcrypt hashes

2025-12-25 15:52:29 -07:00 · 2018-12-28 15:18:50 +00:00
parent 0df376e54a
commit 76a04a2001
4 changed files with 9 additions and 3 deletions
--- a/main.go
+++ b/main.go
@@ -16,6 +16,7 @@ import (

 	"github.com/chrj/smtpd"
 	"github.com/vharitonsky/iniflags"
+	"golang.org/x/crypto/bcrypt"
 )

 const (
@@ -113,8 +114,10 @@ func authChecker(peer smtpd.Peer, username string, password string) error {
 			continue
 		}

-		if username == parts[0] && password == parts[1] {
-			return nil
+		if username == parts[0] {
+			if bcrypt.CompareHashAndPassword([]byte(parts[1]), []byte(password)) == nil {
+				return nil
+			}
 		}
 	}