Skip to content

Instantly share code, notes, and snippets.

Created October 11, 2014 19:44
Show Gist options
  • Save derekdowling/7bfca0268ef1a28f3f76 to your computer and use it in GitHub Desktop.
Save derekdowling/7bfca0268ef1a28f3f76 to your computer and use it in GitHub Desktop.
Basic Password Handler for Go Apps/Websites
package authentication
// This will handle all aspects of authenticating users in our system
// For password managing/salting I used:
import (
const (
SaltLength = 64
// On a scale of 3 - 31, how intense Bcrypt should be
EncryptCost = 14
// This is returned when a new hash + salt combo is generated
type Password struct {
hash string
salt string
// this handles taking a raw user password and making in into something safe for
// storing in our DB
func hashPassword(salted_pass string) string {
hashed_pass, err := bcrypt.GenerateFromPassword([]byte(salted_pass), EncryptCost)
if err != nil {
return string(hashed_pass)
// Handles merging together the salt and the password
func combine(salt string, raw_pass string) string {
// concat salt + password
pieces := []string{salt, raw_pass}
salted_password := strings.Join(pieces, "")
return salted_password
// Generates a random salt using DevNull
func generateSalt() string {
// Read in data
data := make([]byte, SaltLength)
_, err := rand.Read(data)
if err != nil {
// Convert to a string
salt := string(data[:])
return salt
// Handles create a new hash/salt combo from a raw password as inputted
// by the user
func CreatePassword(raw_pass string) *Password {
password := new(Password)
password.salt = generateSalt()
salted_pass := combine(password.salt, raw_pass)
password.hash = hashPassword(salted_pass)
return password
// Checks whether or not the correct password has been provided
func PasswordMatch(guess string, password *Password) bool {
salted_guess := combine(password.salt, guess)
// compare to the real deal
if bcrypt.CompareHashAndPassword([]byte(password.hash), []byte(salted_guess)) != nil {
return false
return true
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment