hashAPIKey creates a bcrypt hash of the API key for secure storage. bcrypt includes salt and is resistant to brute-force attacks.
(key string)
| 21 | // hashAPIKey creates a bcrypt hash of the API key for secure storage. |
| 22 | // bcrypt includes salt and is resistant to brute-force attacks. |
| 23 | func hashAPIKey(key string) (string, error) { |
| 24 | hash, err := bcrypt.GenerateFromPassword([]byte(key), bcrypt.DefaultCost) |
| 25 | if err != nil { |
| 26 | return "", err |
| 27 | } |
| 28 | return string(hash), nil |
| 29 | } |
| 30 | |
| 31 | // verifyAPIKey compares a plaintext key with a bcrypt hash. |
| 32 | func verifyAPIKey(hashedKey, plainKey string) bool { |
no outgoing calls