unchained
unchained copied to clipboard
Secure password hashers for Go compatible with Django
Unchained
Secure password hashers for Go compatible with Django Password Hashers.
Unchained can also be used to perform password validation against legacy or shared Django databases.
Install
Requires Go 1.9 or higher.
go get github.com/alexandrevicenzi/unchained
Supported Hashers
Hasher | Encode | Decode | Dependencies |
---|---|---|---|
Argon2 | ✔ | ✔ | golang.org/x/crypto/argon2 |
BCrypt | ✔ | ✔ | golang.org/x/crypto/bcrypt |
BCrypt SHA256 | ✔ | ✔ | golang.org/x/crypto/bcrypt |
Crypt | ✘ | ✘ | |
MD5 | ✔ | ✔ | |
PBKDF2 SHA1 | ✔ | ✔ | golang.org/x/crypto/pbkdf2 |
PBKDF2 SHA256 | ✔ | ✔ | golang.org/x/crypto/pbkdf2 |
SHA1 | ✔ | ✔ | |
Unsalted MD5 | ✔ | ✔ | |
Unsalted SHA1 | ✔ | ✔ |
Notes
Crypt support is not planned because it's UNIX only.
BCrypt hasher does not allow to set custom salt as in Django. If you encode the same password multiple times you will get different hashes. This limitation comes from golang.org/x/crypto/bcrypt library.
Examples
Encode password
package main
import "github.com/alexandrevicenzi/unchained"
func main() {
hash, err := unchained.MakePassword("my-password", unchained.GetRandomString(12), "default")
if err == nil {
fmt.Println(hash)
} else {
fmt.Printf("Error encoding password: %s\n", err)
}
}
Validate password
package main
import "github.com/alexandrevicenzi/unchained"
func main() {
valid, err := unchained.CheckPassword("admin", "pbkdf2_sha256$24000$JMO9TJawIXB1$5iz40fwwc+QW6lZY+TuNciua3YVMV3GXdgkhXrcvWag=")
if valid {
fmt.Println("Password is valid.")
} else {
if err == nil {
fmt.Println("Password is invalid.")
} else {
fmt.Printf("Error decoding password: %s\n", err)
}
}
}
License
BSD
Reference
- Password management in Django
- Django Unchained :trollface:
Related Links
-
Django compatible signing for Go (
django.core.signing
)